The ransomware plague is not letting up, and it is rapidly becoming more technically sophisticated. New strains appear every month, using innovative methods to spread. Worse, the ransom demands themselves are skyrocketing at the same time.
This week, cyber insurance experts reported incidents involving extortion attempts of 1 million dollars after attackers managed to encrypt some very important data.
Victor Congionti, CEO of Proven Data, told Insurance Business: “Ransomware is only going to become more sophisticated; we expect hackers to start using machine learning and artificial intelligence to develop ransomware variants that evade anti-virus with ease.”
Linda Hamilton, client operations manager at Proven Data, said: “In the past, hackers used to prefer RDP brute-force attacks where they would enter a system, locate back-ups, encrypt with a variant of ransomware and then leave. The attacks were relatively simple and straightforward.”
They’re generally doing a lot more damage than they used to
Hamilton continued: “That’s not the case anymore. We’re seeing more and more hackers moving laterally within systems. They’re getting smarter, turning off anti-virus systems, and creating domain controller accounts to gain complete access to systems. They’re generally doing a lot more damage than they used to.”
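The two attack patterns Hamilton describes, the older RDP brute force and the newer hands-on-keyboard intrusion that switches off anti-virus and creates domain administrator accounts, are exactly the behaviours a security operations team should be alerting on. The following is an added example written for this page, not code from the original article or from Proven Data: Python detection logic run over a constructed set of Windows event records. The event IDs are real Windows Security and Defender event IDs (4625 failed logon, 4624 successful logon, 4720 account created, 4728 member added to a global group, Defender 5001 real-time protection disabled); the hostnames, usernames, IP addresses and timestamps are made up for the example, and the thresholds are assumptions to tune for your own environment.

```python
"""Detections for the attacker behaviours described above, run over
constructed sample Windows event records (not real telemetry).

Event IDs used (Windows Security log unless noted):
  4625  failed logon (LogonType 10 = RemoteInteractive, i.e. RDP)
  4624  successful logon
  4720  user account created
  4728  member added to a security-enabled global group (e.g. Domain Admins)
  5001  Windows Defender/Operational: real-time protection disabled
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: every host, user, IP and time below is made up.
# 12 RDP password failures in six minutes from one external IP, then a success,
# then AV switched off, then a new account dropped into Domain Admins.
SAMPLE_EVENTS = [
    {"time": f"2019-05-01T02:0{m}:{s:02d}", "id": 4625, "logon_type": 10,
     "user": "administrator", "src_ip": "203.0.113.7", "host": "FS01"}
    for m in range(6) for s in (0, 30)
] + [
    {"time": "2019-05-01T02:06:30", "id": 4624, "logon_type": 10,
     "user": "administrator", "src_ip": "203.0.113.7", "host": "FS01"},
    {"time": "2019-05-01T02:15:00", "id": 5001, "host": "FS01", "user": "administrator"},
    {"time": "2019-05-01T02:20:00", "id": 4720, "host": "DC01",
     "user": "administrator", "target_user": "svc_backup2"},
    {"time": "2019-05-01T02:21:00", "id": 4728, "host": "DC01",
     "user": "administrator", "target_user": "svc_backup2", "group": "Domain Admins"},
    # Benign noise: one console typo and a normal HR account creation.
    {"time": "2019-05-01T09:00:00", "id": 4625, "logon_type": 2,
     "user": "jsmith", "src_ip": "10.0.0.5", "host": "WS12"},
    {"time": "2019-05-01T09:01:00", "id": 4720, "host": "DC01",
     "user": "hr_admin", "target_user": "newhire1"},
]

PRIVILEGED_GROUPS = ("Domain Admins", "Enterprise Admins", "Administrators")


def parse_time(value):
    return datetime.fromisoformat(value)


def detect_rdp_bruteforce(events, threshold=10, window=timedelta(minutes=10)):
    """Flag a source IP with at least `threshold` RDP (LogonType 10) failures
    inside `window`, and record whether an RDP success from the same IP
    followed, which means the password was guessed."""
    failures = defaultdict(list)
    for e in events:
        if e["id"] == 4625 and e.get("logon_type") == 10:
            failures[e["src_ip"]].append(parse_time(e["time"]))
    findings = []
    for ip, times in failures.items():
        times.sort()
        for i in range(len(times) - threshold + 1):  # sliding window
            if times[i + threshold - 1] - times[i] <= window:
                success = any(
                    e["id"] == 4624 and e.get("logon_type") == 10
                    and e.get("src_ip") == ip and parse_time(e["time"]) >= times[i]
                    for e in events)
                findings.append({"src_ip": ip, "failures": len(times),
                                 "followed_by_success": success})
                break
    return findings


def detect_privileged_account_creation(events, groups=PRIVILEGED_GROUPS,
                                       max_gap=timedelta(hours=24)):
    """Flag an account created (4720) and then added to a privileged group
    (4728) within `max_gap`; a fresh domain admin is rarely legitimate."""
    created = {e["target_user"]: parse_time(e["time"]) for e in events if e["id"] == 4720}
    findings = []
    for e in events:
        if e["id"] == 4728 and e.get("group") in groups and e["target_user"] in created:
            gap = parse_time(e["time"]) - created[e["target_user"]]
            if timedelta(0) <= gap <= max_gap:
                findings.append({"account": e["target_user"], "group": e["group"],
                                 "created_by": e["user"],
                                 "minutes_after_creation": gap.total_seconds() / 60})
    return findings


def detect_av_disabled(events):
    """Flag every Defender 5001 (real-time protection disabled) event."""
    return [{"host": e["host"], "user": e["user"]} for e in events if e["id"] == 5001]


def run_detections(events):
    return {"rdp_bruteforce": detect_rdp_bruteforce(events),
            "privileged_account_creation": detect_privileged_account_creation(events),
            "av_disabled": detect_av_disabled(events)}


if __name__ == "__main__":
    for name, hits in run_detections(SAMPLE_EVENTS).items():
        print(name, hits)
```

The three detections are deliberately chained to the narrative: the brute-force alert becomes far more urgent when a success follows the failures, and an account that goes from creation to Domain Admins in a minute, on a host where real-time protection was just switched off, is the "complete access" Hamilton describes. In production the same logic would run over forwarded event logs rather than an in-memory list, and the thresholds would be tuned to your own noise floor.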
Cyber criminals are also getting smarter about choosing whom to extort. Manufacturers, hospitals, government agencies and schools are particularly attractive targets, especially when they hold sensitive personal information that hackers can use as leverage to demand more money.
Targeting larger organizations demanding higher ransom fees
“Hackers are targeting larger organizations because they’re able to demand a higher ransom fee,” said Mark Congionti, Proven Data’s president of operations. “They’re also tending to target countries where they think they can extort more money, so places like the US, the UK and Canada where there are higher costs of living, higher wages and so on.”
A British enterprise stared at a million pound ransom demand
The source for the tale is Graeme Newman of CFC Underwriting, whose company traces its roots back two decades and is proud to have pioneered cyber-insurance years before CryptoLocker, the first weapons-grade strain of ransomware, had even been written.
CFC says it has recently started seeing ransom demands of £100,000 and £200,000 from clients, part of an uptick in claims connected to targeted extortion as well as that other big scam, CEO fraud, also known as Business Email Compromise (BEC).
“This is the largest ransom demand we have seen to date in the UK and follows a current trend of increasingly targeted extortion demands, with increasingly large amounts demanded,” says Newman.
A potentially unintended consequence, becoming a target
It’s a pessimistic analysis: holding a ransomware extortion insurance policy might make an organization more likely to be targeted. Cyber criminals would break in, try to work out whether their mark is covered for extortion, and then lock every machine on the network at the same time, betting that an insurer facing a total outage will pay quickly.
The organizations most at risk in that scenario would be the insurance companies themselves and their brokers, along with the employees in Legal, Accounting and C-level positions who know which policies are in place. Allied Market Research predicts that the sector will grow into a 14 billion dollar global market by 2022.
The most effective way to protect your network against ransomware infections
Here are the three ways most organizations fend off ransomware attacks:
- Weapons-grade backups, ideally hourly snapshots that are easy to roll back, with at least one copy kept offline or immutable so that an attacker who gets in cannot encrypt or delete them along with the live data, and with restores tested regularly.
- Religious patching of both the OS and all third-party apps.
- New-school security awareness training with frequent phishing tests.
Cyber risk managers worldwide agree that people are the weak link in an organization’s exposure to malware, and hackers use social engineering tactics to exploit that people problem.
Stepping all employees through new-school security awareness training is an essential piece of the defense-in-depth puzzle that protects your network.
Users become your last line of defense and an essential additional security layer: an effective human firewall.
Cyber-attacks are rapidly getting more sophisticated. GDR Group will help train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now and email email@example.com to request a quote for security awareness training for your organization.