Though ransomware attacks only came into fashion within the last decade, the method of infiltrating devices and stealing data has been around since the late 1980s. Almost all other tech from that era — from the VHS player to the brick-style Game Boy — is remarkably outdated and has been replaced over the course of the intervening 30 years. Yet, ransomware remains.
In fact, despite predictions five years ago that ransomware would slowly wane in favor of more complex forms of cyberattack, it seems that every other tech headline of 2021 has detailed another data leak resulting from a successful ransomware attack. Is ransomware actually increasing in popularity, and what can the average user do to protect themselves?
There Is a Surge in Ransomware
In February, a ransomware attack caused a water treatment plant in Oldsmar, Florida to raise the lye in the area’s drinking water to dangerous levels. In March, one of the largest insurance companies in the U.S. was locked out of their network for almost two weeks due to ransomware. In April, the Houston Rockets suffered a ransomware attack which led to the theft of contracts, non-disclosure agreements and other confidential data. In May, the East Coast lost most of its gasoline supply when the Colonial Pipeline was shut down following ransomware. Most recently, in June, ransomware caused a multi-national meat manufacturer to cease operations for two days, which will likely result in beef shortages in the coming weeks.
By no means are these the only ransomware attacks occurring, either in the U.S. or elsewhere around the world. FBI estimates suggest that over 4,000 ransomware attacks occur every day and that a business somewhere in the world succumbs to a ransomware attack every 11 seconds. There is no question: Ransomware is, in fact, increasing in popularity amongst cybercriminals, and it is unlikely that they will abandon this method of attack any time soon.
Ransomware Is Cheap, Easy and Effective
The main reason ransomware attacks are on the rise is that they are among the easiest and least expensive types of attacks to carry out. A lazy cybercriminal who knows little about hacking can buy a ransomware kit online and launch it in an email or on social media. Likely, that criminal will find some successes, generating a small amount of profit for themselves with little to no effort. Considering how many wannabe cybercriminals there are around the world — and how many black-hat organizations like DarkSide are willing to sell them the tools and teach them the ropes — you can begin to understand why ransomware attacks are spreading.
In addition, there are more methods for exchanging payment online than ever before, and thus, there are more methods for receiving ransoms. Cryptocurrencies, in particular, tend to be attractive to cybercriminals because they allow for anonymous payments. Unlike wire transfers or pre-paid gift cards — the most common payment methods before crypto emerged — criminals can receive payments without fear of identification or reaching an upper limit on their extortion efforts.
Not Everyone Is at Risk From Ransomware
Unfortunately, as long as people fall victim to ransomware, ransomware will continue to be a threat. While there are ransomware scams targeting every type of computer user, the average user is not likely to encounter a ransomware attack that demands more than a few hundred dollars in ransom. In contrast, organizations — especially large, international businesses and government agencies — have much to fear from ransomware attacks. Organizations rely heavily on their digital infrastructure, have incredibly valuable data, and boast deep pockets to pay ransoms in the thousands or even millions. Plus, interfering with business or government operations is in the mission statement of many black-hat hacking groups.
Fortunately, there are ways for everyone to avoid even the worst ransomware attacks. The average computer user can install antivirus software designed to recognize and thwart ransomware. Organizations can install system backups and more rigorous cybersecurity measures to keep hackers out. Most importantly, everyone can use devices and data with appropriate cyber hygiene, to recognize potential ransomware threats before they can cause damage.
There are more ransomware attacks occurring than ever before, and likely the number will increase before it drops away. Still, a ransomware attack is not an inevitability, for the average user or the organization, and we can all work together to make ransomware obsolete.