Once Bitten, Twice Shy: The Resurgence of Ransomware

Ransomware is rampant, and the last year has seen a resurgence in this form of cybercrime. Over the last year, the number of attacks has more than doubled, and cybercriminals are turning to ever-more sophisticated techniques and new forms of file-locking software, which is making these attacks more costly than ever before.

Ransomware is, on the face of it, a fairly simple process. Hackers gain access to a system, then lock or encrypt it before demanding a ransom from anyone who wants to get access to their own data.

After the global ransomware attacks in 2017 of WannaCry and NotPetya, hackers and cybercriminals seemed to turn to other methods, most notably Trojan malware or credential theft. But over the last year, ransomware has come roaring back to the forefront of cybercrime, making it the number one priority for businesses looking to protect themselves. Of course, ransomware attacks never stopped completely, but the McAfee Labs Threats Report for August 2019 noted that ransomware attacks had increased by 118% in the first quarter of this year alone.

One of the most concerning elements of this trend is that hackers are coordinating and attacking key weak spots as well as hitting multiple places at once. Only last week, a bunch of cities were hit in a coordinated attack, which left many vulnerable.

One of the biggest and most high-profile of the recent attacks targeted PerCSoft, the cloud management provider for Digital Dental Record, which archives information, insurance documents, and patient records for dentists across the United States.

An estimated 400 dental practices were crippled in the attack, which left doctors without access to patient history, charts, or x-rays. This has a longer-term impact as well, as even if the affected organizations pay up, restoration can take days or weeks to properly take effect, and compromised networks may well not be fully functional for some time.

Part of the reason for ransomware’s popularity with cybercriminals is its effectiveness against cloud and backup services. Cloud hosting providers are prime targets, and this year alone, iNSYNQ (who hosts Quickbooks), Apex Human Capital Management, and Dataresolution.net have all been hit.

The official advice from the FBI and from many cybersecurity firms is that paying the ransom is a bad idea. It encourages other attacks and, in many cases, is ineffective, as there are plenty of examples of victims of ransomware attacks not getting access to their encrypted files despite paying up. However, there are plenty of cybersecurity firms who quietly advise their clients just to pay the ransom, seeing this as the fastest and least problematic route to getting their systems working again and recovering their data.

The growth of the cyber insurance sector has also seen an increase in ransom payments, as these are usually fully covered by the insurer. The independent news outlet ProPublica has found that as a result, hackers are specifically targeting businesses with insurance, expecting a faster and easier payout, which creates a vicious circle where attacks succeed, and more organizations buy insurance, encouraging even more attacks.

Dealing with and protecting yourself against ransomware is a tricky business, but there are things that you and your organization can do to shore up your cyber defenses and reduce the likelihood of a successful attack. At VC3, we take a holistic view of these attacks and look to make an organization more secure across the board, using some of the most advanced and up-to-the-minute technologies to stop attacks before they even happen.

VC3 can provide the expertise and skills to help artificial intelligence play an integral part in defending your business from the ever-increasing threat of cybercrime. Take a look at some of the services we offer, and have a chat with us about how we can help your organization future-proof itself against cybercrime.