Ransomware and Regular People

Since the end of 2020, everyone in the field of cybersecurity has been talking about Ransomware. It’s the primary topic of discussion in blogs, newsfeeds, and security conferences.

Regular people need to be just as concerned because it affects us all.

Currently, more than 3 billion phishing emails are sent every day, and there is an average of 1 cyber-attack every 39 seconds, with losses projected to hit $6 trillion for 2021. With numbers like that showing that phishing is by far the more prolific threat, why is Ransomware getting all the attention?

You’ve heard the phrase “a means to an end.” Right now, phishing is the means, and Ransomware is the end. Okay, that’s oversimplified, but it’s that line of logic that explains why Ransomware attacks are on the rise, and that meteoric trajectory won’t be curbed anytime soon.

Ransomware Evolution

In the early days, cybercriminals directed Ransomware attacks at wealthy individuals and corporations who could afford to pay to get information back or keep it from being leaked. An attack in 1989, for example, used a trojan virus to hide directories and encrypt the names of the files, demanding $189 to restore access. Directed attacks like this, requiring the use of infected diskettes, didn’t exactly strike fear into the hearts of early computer users.

Fast forward to 2006, and cybercriminals began to realize that Ransomware could be monetized on a far broader scale with so many people using the internet. Using better encryption, a trojan delivered by a hacked website could encrypt everything in the My Documents directory. Two years later, a similar trojan began spreading through an email attachment that used a stronger type of encryption.

Of course, these attacks were still more or less directed at businesses and people who could afford to pay. Because of this, the public remained largely unconcerned with this threat. And then came the wave…

The Ransomware Wave

Among business people, charting growth is common. It’s exhilarating to see exponential growth year over year in your business, while that same growth in criminal activity can be terrifying. So when reported attacks grew from around 60,000 in 2011 to 720,000 in 2015, cybersecurity professionals grew very concerned. But even with these ransomware variants flooding email and hacked websites, the public remained largely unconcerned.

Why? Because most people believe that Ransomware is something that happens to other people.

Starting in 2016, this Ransomware Wave grew to more than 4,000 attacks carried out daily, and in 2021, we see new Ransomware attacks every 11 seconds. In addition to being monetized, these attacks have been automated, meaning that every single person with an internet-connected device is a target.

The Cost of Ransomware

Let’s take a look at a few of the costs associated with these attacks.

  • Organizations pay an average ransom of $312,493
  • Individuals pay an average ransom of $1,077
  • There’s an average 19-day downtime from an attack
  • 92% of people who pay the ransom don’t get their data back
  • 71% of people who pay the ransom get extorted multiple times
  • Attackers demanded a $70 million ransom in early July 2021
  • The global cost of Ransomware will exceed $20 billion in 2021

In this new reality, Ransomware is not something that happens to other people, and we’re a long way from Ransomware demands of $189. This is a money-making industry that targets everyone. And the worst part is that the vast majority of these attacks aren’t directed – they’re opportunistic.

Stolen credentials, whether from phishing schemes, social engineering, or hacked websites, provide cybercriminals with the means to make these attacks.

Everyday Impacts of Ransomware

And finally, 2021 is bringing about an unprecedented public awareness of Ransomware. Sadly, this is because attacks are closing schools, affecting transportation, threatening food supplies, and causing people to miss medical appointments and procedures. In short, Ransomware attacks are becoming unavoidably real for regular people.

The stakes have changed dramatically: the costs of Ransomware have inflated to millions of dollars, targeting is far more sophisticated, and automated technology is used to spread its influence. Attacks are interrupting critical systems and national functions, disrupting people’s lives as they evolve into national security, public safety, and public health threats.

Because of the real-world implications these attacks have on the public sector, the federal government has begun to crack down on Ransomware. Corporate America has long taken these threats seriously, but now CISA has established new guidelines for small businesses and regular people, along with in-depth investigations into attacks. Unfortunately, this is much like the war on drugs in that for every group stopped, another takes its place.

Protect Yourself from Ransomware

The reality of the situation is that people need to protect themselves from Ransomware. The vast majority of successful attacks happen because people don’t use strong passwords, refuse to change their passwords, ignore 2FA, and aren’t aware of phishing and other social engineering attacks. Ignoring basic internet security because it’s inconvenient keeps providing cybercriminals with opportunities to attack, not just us personally but also our society.

By taking an active role in protecting yourself from Ransomware, you are helping to protect businesses, schools, utilities, entertainment, and every other aspect of our society currently under attack.
