Ransomware
and Regular people
Chuck's Cyber Wall
For the last few years, there’s been growing concerns about Ransomware. It’s the primary topic of discussion in blogs, newsfeeds, and security conferences. But cybersecurity professionals aren’t the only ones who should be concerned because it affects us all.
Currently, 3.4 billion phishing emails are sent daily, and an average of 1 cyber-attack every 44 seconds is projected to hit $6.9 billion in the United States alone. Automated bots have turned us all into targets – and right now, phishing is the means, and Ransomware is the end. Okay, that’s oversimplified, but that line of logic explains why Ransomware attacks are on the rise, and why that meteoric trajectory won’t curb anytime soon.
RANSOMWARE EVOLUTION
In the early days, cybercriminals directed Ransomware attacks at wealthy individuals and corporations who could afford to pay to get information back or keep it from being leaked. An attack in 1989, for example, used a trojan virus to hide directories and encrypt the names of the files, demanding $189 to restore access. Directed attacks like this, requiring infected diskettes, didn’t strike fear into the hearts of early computer users.
Fast forward to 2006, and cybercriminals began to realize that Ransomware could be monetized on a far broader scale with so many people using the internet. Using better encryption, a trojan delivered by a hacked website could encrypt everything in the My Documents directory. Two years later, a similar trojan began spreading through an email attachment that used a stronger type of encryption.
Of course, these attacks were still more or less directed at businesses and people who could afford to pay. Because of this, the public remained largely unconcerned with this threat. And then came.…
THE RANSOMWARE WAVE
Among business people, charting growth is common. It’s exhilarating to see exponential growth year over year in your business, while that same growth in criminal activity can be terrifying. So when reported attacks grew from around 60,000 in 2011 to 720,000 in 2015, cybersecurity professionals grew very concerned. But even with these ransomware variants flooding email and hacked websites, the public remained largely unconcerned.
Why? Because most people believe that Ransomware is something that happens to other people.
Starting in 2016, this Ransomware Wave grew to more than 4,000 attacks carried out daily, and in 2021, we saw new Ransomware attacks every 11 seconds worldwide. In addition to being monetized, these attacks have been automated, meaning that every single person with an internet active device is a target.
THE COST OF RANSOMWARE
Let’s take a look at a few of the costs associated with these attacks.
- Organizations pay an average ransom of $570,00-$812,360
- Individuals pay an average ransom of $18,077
- There’s an average 26-day downtime from an attack
- 92% of people who pay the ransom don’t get their data back
- 71% of people who pay the ransom get extorted multiple times
- Attackers demanded a $152 million ransom in 2022
- The global cost of Ransomware will exceed $50 billion in 2023
In this new reality, Ransomware is not something that happens to other people, and we’re a long way from Ransomware demands of $189. This is a money-making industry that targets everyone. And the worst part is that the vast majority of these attacks aren’t directed – they’re opportunistic.
Stolen credentials, whether from phishing schemes, social engineering, or hacked websites, provide cyber criminals with the means to make these attacks.
EVERYDAY IMPACTS OF RANSOMWARE
And finally, cybersecurity professionals are struggling to bring a public awareness of Ransomware. Sadly, this is because attacks are closing schools, affecting transportation, threatening food supplies, and causing people to miss medical appointments and procedures. In short, Ransomware attacks are becoming unavoidably real for regular people.
The stakes have changed dramatically, with the costs of Ransomware inflating to millions of dollars, with far more sophisticated targeting and the use of automated technology to spread its influence. Attacks interrupt critical systems and national functions, disrupting people’s lives as they evolve into national security, public safety, and public health threats.
Because of the real-world implications these attacks have on the public sector, the federal government has been cracking down on Ransomware. Corporate America has long taken these threats seriously, but now CISA established guidelines for small businesses and regular people, along with in-depth investigations into attacks. Unfortunately, this is much like the war on drugs in that for every group stopped, another takes their place.
PROTECT YOURSELF FROM RANSOMWARE
The reality of the situation is that people need to protect themselves from Ransomware. The vast majority of successful attacks happen because people don’t use strong passwords, refuse to change passwords, ignore 2FA, and aren’t aware of phishing and other social engineering attacks. Ignoring basic internet security because it’s inconvenient keeps providing cybercriminals with opportunities to attack, not just personally but also on our society.
By taking an active role in protecting yourself from Ransomware, you are helping to protect businesses, schools, utilities, entertainment, and every other aspect of our society currently under attack.
CYBERSECURITY EXPERTS
At Clark Computer Services, we have the cybersecurity expertise you need, whether its help with compliance, securing your network, getting antivirus and other security software onto your computers, and more. Contact us at 301-456-6931 or [email protected] to see how we can help you and your business get Cyber Secure!
Director of Cybersecurity and Marketing
I’ve always had a love of working with technology, being fortunate enough to have grown up with a grandfather who taught me how to fix things for myself and not be afraid to jump in and get my hands dirty. Over the last three decades, I’ve worked as a technician, trainer, technical writer, and manager in small businesses, enterprise organizations, and government. In addition, I’m an author, having published multiple works available online and in print. You can find my creative work at https://WritingDistracted.com