Ransomware has hit the mainstream news in a big way recently in the form of WannaCry - a globally coordinated malware attack. If fiscal reasons have stopped you from securing your network against ransomware thus far, you may want to reconsider your strategy. Not only are attacks like this becoming more and more prevalent, but the developers of ransomware have lowered the price of admission for aspiring cyber criminals. Fortunately, there are some steps you can take to keep your business protected against a ransomware attack.
First, what is ransomware?
Ransomware is a particularly unpleasant form of malware that, true to its name, encrypts your data and demands a ransom for it to be decrypted. However, since this is a cyber criminal at work, there is no guarantee that the files will be restored once the ransom has been paid.
This form of malware can be particularly effective, as many users who could potentially be infected will have little idea what to do, other than pay the ransom. This is especially true of many businesses, which rely on their data for their daily operations.
The cost of ransomware
It’s simple economics, really: by controlling the supply of a commodity that’s in high demand (such as access to business critical data) an individual can set their own price for that commodity. This can be seen in ransomware distributors, who are presumably the only ones who can access the newly encrypted data. As a result, these distributors are able to set their own price, a price which has risen dramatically in recent years.
For example, the average price demanded to decrypt an infected computer was around $294 in 2015. By 2016, the average price had bumped up to $1077. Plus, there were 36 percent more attempts in 2016 than in 2015, and while 68 percent of all ransomware infections that took place in 2016 were targeted at consumers, that’s still a very significant number left targeting businesses.
It gets worse
Making what’s already an unfortunate situation even less fortunate, ransomware has become more accessible to more distributors. This is thanks to ransomware-as-a-service tools that allow even a relative novice to develop and deploy their own ransomware attacks. One particular ransomware, known as Karmen, is available for anyone to use after they pay a one-time fee of $175.
Fortunately, since Karmen is based heavily on Hidden Tear, an open-source ransomware project, there are decryption tools that have been developed to help. Additionally, security researcher Michael Gillespie created an online resource that can help identify what kind of ransomware has infected the system.