Risk of ransomware infection surges during COVID-19 pandemic
Ransomware is one of the fastest-growing cybercrime threats faced by private and public enterprises around the world. Now fraudsters are exploiting the coronavirus health crisis to ratchet up their assaults even more. Ransomware attacks jumped by 148% in a single month—from February to March 2020.
All organizations are susceptible to ransomware fraud given the disruption caused by the COVID-19 pandemic. A key vulnerability is the shift to a remote workforce, as employees sheltering in place use home networks to access company devices, VPNs, and collaboration tools. Ransomware criminals are also targeting government entities and health organizations such as hospitals, testing facilities and local health districts.
How ransomware infects, spreads, and inflicts acute pain
In a successful ransomware attack, cyber criminals essentially hold your computer hostage, blocking access to your operating system by locking your screen or encrypting important files until you pay a sum of money. The primary mode of penetration is through spear phishing emails that contain malicious links or attachments, as well as compromised websites embedded with malicious code that allows fraudsters to exploit vulnerabilities in your system, gather information, and execute the ransomware.
What makes ransomware especially dangerous is how an infection can spread across a network of computers and mobile devices. After accessing a network, ransomware fraudsters can also steal sensitive data to use as leverage to force ransom payment or raise the price. Perpetrators looking for multiple ways to monetize a breach have even shorted a company’s stock before publicly posting sensitive data.
The impact: tangible and hidden costs
According to a recent report by Emsisoft, ransomware demand costs could exceed $1.4 billion in 2020 in the U.S. alone. Based on an average downtime of 16 days, the overall cost of recovery could reach as much as $9.3 billion.
Some post-attack expenses are less easy to quantify than the cost of ransom. They include: brand reputation and related lost sales and revenue; impacts to contractual obligations, data breach processes and notifications; operational costs; and attack mitigation, recovery, and future prevention.
Take steps to help protect your company
Make sure to take steps to help protect your organization from attack.
- Educate employees on the threat and necessary precautions.
- Regularly back up data and store a secure copy of it offline.
- Segment networks so that it is more difficult for ransomware to spread across systems.¹
- Implement firewalls and strong spam filters, as well as measures to keep your software and operating systems updated. Make sure that anti-malware software is up to date.
- Patch known vulnerabilities in your operating systems and applications.
- Treat a ransomware incident as a data breach incident.
- Make sure you have plans and contingencies in place to address the different scenarios associated with this threat. This includes any potential impact from ransomware attacks directed to third-party providers, especially third-party tech companies engaged by your business.
- Discuss ways to increase security with your IT team. Make sure to communicate any new security measures to all employees.
- Stay vigilant to protect against the heightened threat of ransomware during the COVID-19 pandemic.
2 “Amid COVID-19, Global Orgs See a 148% Spike in Ransomware Attacks: Finance Industry Heavily Targeted”, by Patrick Upatham and Jim Treinen, April 15, 2020. (Source: https://www.carbonblack.com/2020/04/15/amid-covid-19-global-orgs-see-a-148-spike-in-ransomware-attacks-finance-industry-heavily-targeted/)
3 “Ransomware demands: $170B Worldwide Forecast in 2020, Report” by DH Kass, February 13, 2020, msspalert.com. (Source: https://www.msspalert.com/cybersecurity-breaches-and-attacks/ransomware/demand-costs-2020-research/)