A recent study states that even with the decline in attacks through malware, there were 638 ransomware attacks in the past year. This is a truly alarming figure when compared to 3.8 million in 2015.
For those who are not very familiar with the term, we will start by saying that a ransomware (from the English ransom, rescue, and software ware) is a type of malicious computer program that restricts access to certain parts or files from the infected system, and asks for a ransom in exchange for removing this restriction.
Different types of malware have enabled hobbyist hackers to carry out all kinds of extortion on a global scale, viewing it as a very lucrative business. According to IBM, cybercriminals are believed to have won billions of dollars thanks to ransomware over the past year.
This has occurred thanks to all the entrepreneurs who have been forced to pay thousands of dollars between 10,000 and 40,000 to these cybermafias. It has been estimated that during the first half of 2016, a single gang dedicated to ransomware extortion was able to grab around $ 121 million.
But what started affecting individuals, now affects practically each and every one of the areas and sectors of our lives. Small companies, hospitals, hotels, police and senior government officials, who have sensitive information, are exposed to this type of attack.
In fact, more than a dozen hospitals have reported ransomware attacks during the past year, including Hollywood Presbyterian, who was asked for $ 3.4 million if they wanted to get his data back. A Texas Police Station has also lost years of testing after refusing to pay the ransom of the data to a hacker.
The number of ransomware attacks is getting higher
Despite the fact that many of these hackers search for large companies and giants from different sectors, small and medium-sized companies are also in the spotlight. In this case, the amount required for the rescue of the stolen data may be between 500 and 50,000 dollars.
And the figure is increasingly alarming. In fact, the security firm Symantec estimates that the average ransom required in 2016 was $ 679, more than double of the $ 295 required at the end of 2015.
The truth is that small businesses can become much more vulnerable to not having enough resources or staff. Many do not even realize the great value of the data they store
The FBI is encouraging victims to report the attacks regardless of whether they were paid for or not. In this way, the authorities seek to know the real scale of a real threat and that keeps growing day after day.
If the hackers do not delete the data, it may be sold to the highest bidder or lost forever on the network.
Victims become executioners
Some of these criminals have begun to give their victims a second chance. turning them into hackers for a day. In this way, the initial victim will have to help the criminal install the malicious software on other computers.
Worst of all, ransomware does not require advanced technical skills. The software can be purchased off the shelf, or even rented. Ransomware-as-a-service It allows criminals without technical expertise to rent an existing botnet of infected computers and use them to infect new computers.
Once this is done, the criminals receive a commission for each of the successful rescues.
Although Windows is still the operating system with the most security problems, users of Mac OS and Linux are also not completely safe. In fact, more and more malware is being created specifically for OS X and Linux operating systems.
On the other hand, it should be noted that although ransomware attacks targeting Android smartphones are relatively few, the number is increasing more and more.
Too high a cost for victims
If adequate protection is not sought, a ransomware attack could mean the life or death of a company. The United States National Cyber Security Alliance reports that up to 60% of small and medium-sized companies hacked end up closing six months after receiving the attack.
Rising ransomware attacks appear to be driving an increase in cyber-insurance offerings, a development that could help shore up cyber defenses in general. Jeremiah Grossma, SentineOne’s head of security strategy, has stated that there are going to be professional ransomware negotiators who will assist insurance companies in the future.