After years of making headlines as it successfully breaches businesses, hospitals, and government agencies, causing them to suffer many millions of dollars in losses, this dangerous type of cyber-attack technology continues to wreak havoc worldwide. Ransomware may seem like a straightforward concept—computer malware that makes data unavailable to its owner until the owner pays a ransom to the criminal operating the ransomware. Yet, somehow, there are many misconceptions about ransomware—and some of them seem to be regularly believed even by people who are otherwise highly knowledgeable about technology. To dispel these misconceptions, let’s dive into some Ransomware Facts.
Essential Ransomware Facts You Need to Know
Ransomware Fact: Paying the Ransom Doesn’t Guarantee Data Recovery
Over the past decade or so, we have seen, increasingly often, that (surprise!) many crooks utilizing ransomware are not honest, and that many parties who have paid ransoms have not regained access to their files. Over half of businesses paying ransomware ransoms may not be getting their data back. Over half of businesses paying ransomware ransoms may not be getting their data back. This is one of the critical Ransomware Facts that many people overlook.
Ransomware Facts: Different Variants Beyond File Encryption
Ransomware blocks you from accessing your files, but there are multiple ways of doing so. The malware may either (a) encrypt your files and demand a ransom in exchange for the relevant decryption keys. Or (b) remove your files, or portions thereof, from your computing devices, and demand a ransom in exchange for returning your electronic property.
Evildoers may even threaten that if you do not pay their ransom within some period of time that they will either destroy or leak the information that they have stolen from you.
Other variants of ransomware attacks may prevent you from using a particular connected device. Or may involve a threat that if a ransom is not paid, the criminal will cause connected devices to malfunction.
Ransomware Facts: Increasing Sophistication of Attacks
Many of today’s ransomware strains not only employ powerful anti-detection technology. Utilize sophisticated analysis engines to quietly seek out the most sensitive files within an organization. The ransomware remains “dormant” from the perspective of inflicting damage until it detects sensitive data. Then activates to infect the materials that the organization is most likely to be willing to pay a ransom in order to quickly recover.
Targeted Attacks Are More Profitable Than Random Ones
Cybercriminals today know that targeted attacks can pay off handsomely (ransomware payments). As such, they may utilize all sorts of social engineering techniques, as well as technical exploits, in order to deliver ransomware into specific, intended targets.
Many such criminals also perform research into their would-be-victims’ financial situations. Both select their targets and establish the amounts that they demand as ransoms accordingly.
Even some of today’s opportunistic ransomware attacks leverage such an approach. Basing the amounts demanded as ransoms on the geolocation information of victims. If you are located in the USA an hit with such ransomware, the criminal is likely to demand a significantly higher ransom than he or she would demand from another one of his or her victims. If that victim is located in a less-developed country whose residents have a far lower average income than that of the US population.
Hardware Can Spread Ransomware
Ransomware Facts also extend to hardware. Poisoned hardware – that is hardware onto which malware or backdoors have been loaded somewhere between the design of the hardware and its delivery into your production environment – can easily spread ransomware.
You could be in for a terrible surprise, for example, if you purchase an innocent-looking off-brand USB-C charger for your laptop, but that particular charger has a chip embedded within it that communicates with your laptop over the USB C port that you thought it uses only for charging, exploits a vulnerability, and infects the device with ransomware. For the same reason and others, you should never use public USB-based chargers for phones and other computing devices.
Ransomware Facts: Why Healthcare Is a Frequent Target
Since early 2016, hospitals have been consistently targeted by ransomware criminals. The life-threatening consequences of losing medical data make healthcare institutions an attractive target for ransomware attacks. This is an important Ransomware Fact to consider in the context of industries that are especially vulnerable.
Schools and Universities Face Ransomware Threats
Despite not always having large amounts of cash on hand, schools, especially universities, are frequent ransomware targets. The potential damage to personal data and academic records makes schools a significant target for cybercriminals. These Ransomware Facts should make educational institutions take ransomware seriously.
Cyber Hygiene and Backups Are Your Best Defense
There is no substitute for practicing proper cyber-hygiene, and doing so is both far more comprehensive and preventative than any other measure in terms of combating ransomware and preventing data leaks.
But, let’s face it—nobody is perfect, and things can still go wrong even if you do practice good cyber-hygiene. So, backup. Often.
Remember to keep backups disconnected from your computer and you’re your networks so that if any ransomware (or other ransomwhere) gets onto your laptop or onto your network it cannot infect the backups.
Ransomware Facts About IoT Devices
Ransomware Facts also point out that smart devices, like connected cameras, can act as gateways for spreading ransomware. Even if these devices do not store sensitive data, they can help propagate malware to other more vulnerable devices.
Ransomware Attacks Are Not Going Away
I have made that statement over and over for half a decade – and, sadly, just as it has proven to be true until not, it is likely to continue to be true for the foreseeable future.
This article is an updated version of cybersecurity expert Joseph Steinberg’s earlier piece, Ransomware: 8 Things That You Must Know.
