Looking at just a sample of ransomware attack news headlines within the last 48 hours - “Baltimore transfers $6 million to pay for ransomware attack”, “Ransomware Attack Targets Wolcott Public Schools”, “New ransomware grows 118%” , “Surge of ransomware attacks target local governments” – sends chills to many of us, who rely on data to “keep the lights on”. At one point last year, the ominous trend seemed to be waning. Unfortunately, it has recently reversed course.
In a new IT Pro Portal article titled “Ransomware sees major resurgence,” one security expert chimed in - “After a periodic decrease in new (ransomware) families and developments at the end of 2018, the first quarter of 2019 was game on again for ransomware, with code innovations and a new, much more targeted approach” said Christiaan Beek, McAfee lead scientist and senior principal engineer. So, why is it making a comeback? Well, it is profitable and sustainable.
Sustainable? Yes, cyber insurance providers seem to be willing to pony up the cash. Fabian Wosar, chief technology officer for anti-virus provider Emsisoft, said in this article, The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks, “Paying the ransom was a lot cheaper for the insurer.” He continued, “Cyber insurance is what’s keeping ransomware alive today. It’s a perverted relationship. They will pay anything, as long as it is cheaper than the loss of revenue they have to cover otherwise.” This “Surrender and Pay” approach obviously goes against the general recommendations by security experts and law enforcement for the reasons that, firstly, the victims may not get the ‘antidote’ (i.e. decryption keys) to regain access, and, even more seriously, such payments keep this destructive industry going strong.
So, how can we put an end to this? This is no easy task given the ever evolving ransomware virus landscape. On one hand, you may have the WannaCry worm, which exploits the gap of an outdated system due for a patch. On the other, you may face SynAck, which bypasses virus detection with a new technique. Who knows what tomorrow might bring?
No one wants to be faced with the tough decision of “to pay or not to pay” especially when it comes to dealing with criminals. One way to help mitigate that risk is to take a proactive approach in securing your devices from attacks while keeping the data on them out of reach from ransomware. To find out how, please download the “ 2 Steps to Close the Gap in the Ransomware Defense” white paper to learn how Micro Focus endpoint backup and endpoint management can help you build the much needed defense for your organization.