By Dhrubaa Ghosh, Sep 02, 2021 11:45
We keep hearing words like ‘phishing’, ‘hacking’, ‘data breach’. One such term is ‘ransomware’ and it made very big news in August 2021 when cyber security firm Barracuda released its annual research report on cyber-attacks. While companies were busy protecting themselves against the COVID 19 virus threat, their data was being compromised by cyber villains bent on extorting money through crooked means.
What is ransomware?
Ransomware is malicious software that uses encryption methods to hold a victim’s information at ransom. Criminal hack into a user or organization’s data system, encrypt a chunk of critical data, and block victims from accessing their own files, databases, or applications. To regain access, the victim has to pay a ransom.
What did the Barracuda report tell about the attacks?
Ransomware attacks grew by a terrifying 64% between August 2020 and July 2021, according to the report from Barracuda. The cyber security firm’s researchers analysed 121 ransomware incidents to get a better view of what sounds like a thriller come scarily true. They found out that most attacks were by a group of well organised, high profile ransomware gangs. REvil ransomware gang accounted for 19% of the attacks. A new ransomware gang, DarkSide, has emerged by causing 8% attacks.
The research states that attackers typically target municipalities, health care, and education sectors, though attacks on other businesses have also risen. The ransom demanded has also skyrocketed. In 30% cases, the gang demanded above 30 million dollars, and only 18% of attackers demanded less than 10 million dollars.
How does the attack happen?
The attackers zero down on an application, usually a third party one, in a business ecosystem. Then they push in their malware and encrypt the data rapidly. Now the company wakes up to the horror of suddenly being blocked from their own systems, and receive a ransom threat. In many cases though, intelligent victims have managed to reduce the ransom amount by negotiating and wasting time, so that the increasingly nervous gangs agree to a lower amount. Barracuda suggested businesses to encrypt their data strongly, be careful about granting software, system and email access to people, be careful about phishing mail and to back up data.