After several reports last year that showed ransomware attacks were in decline, a new report from McAfee shows attacks have doubled in 2019. The ‘epidemic’ we have been experiencing over the last couple of years may now just be the new normal. With the declining value of information gained from data breaches, hackers have resorted going to the source where they are most likely to get paid; ransomware.
Brief History of Ransomware
Ransomware is a type of malicious software, also known as malware, that gains access to files or systems and blocks user access to those files or systems. All files or even entire devices or networks are held hostage using encryption until the victim pays a ransom (hence, ransomware) in exchange for a decryption key. The key allows the user to access the files or systems encrypted by the ransomware.
While ransomware has been a prominent threat to individuals, businesses, and cities alike since the mid-2000s, ransomware varieties have grown increasingly advanced in their capabilities for spreading, evading detection, encrypting files, and coercing users into paying ransoms.
Ransomware is typically delivered via phishing campaigns using attack vectors such as email, personal messages, or even popups on devices. As the public has become more aware of ransomware, hackers have become more sophisticated with their messages; making them more and more enticing for an individual to open.
2019 Ransomware Statistics
After a periodic decrease in new families and developments at the end of 2018, ransomware has seen a huge comeback with increases of 189 percent since Q4 2018 and a massive 508 percent uptick since Q1 2018. While the reasons may not be immediately obvious, the increase has occurred due to the declining value of stolen information from data breaches as well as the shift from hackers targeting individuals to commercial organizations.
The biggest targets and perhaps the story of the year in cybersecurity is the number of cities or municipality governments who have been hit by ransomware with massive ransom demands. Ransomware attacks have hit at least 170 county, city, or state government systems since 2013, 40 of which have been in 2019. An attack in May crippled the city of Baltimore to the point where city workers loss access to emails and many services ground to halt. While the ransom demanded was only $76,000 worth of Bitcoin, it cost the city nearly $18 million to recover from the attack. Aside from this attack, the majority of attacks in 2019 have been on small towns and municipalities. As corporations harden their defenses against ransomware attacks, hackers have found convenient targets in cities and municipalities whose defenses are much weaker. As cities and towns head towards digitalization, the potential for larger, more devastating attacks becomes even greater.
“The government knows it needs to change, but they move slowly compared to how quickly private business can pivot to manage their exposure to a new threat,” said Gary Hayslip, former chief information security officer for the city of San Diego. “Until it is mandated that cities, counties, and states meet a specific level of security and have to periodically demonstrate it as is done in business for compliance, government entities will continue to be low-hanging fruit and cybercriminals don’t mind eating them for lunch.”
CryptoStopper by WatchPoint
CryptoStopper uses deception technology to detect ransomware. During the installation process, decoy files are strategically deployed. We call these Watcher Files. When ransomware begins the encryption process, CryptoStopper detects it in real-time and takes automated action to stop the attack and alert you to the event.
Antivirus and firewalls no longer provide the protection you need to save your network from a ransomware attack.
Using deception technology and CryptoStopper is the only way to stop an actively running attack that has gotten past your traditional defenses. Click here to learn more about CryptoStopper and how WatchPoint can help with your cybersecurity needs!
Photo courtesy of Government Technology