The attackers have adopted a new method called double distortion to put hacked companies under high pressure to pay hefty ransom demands. They first steal data from the company servers before encrypting them, and if the company denies paying the ransom, they threaten to leak the information online. The bitcoin crypto-currency money is being used as a mode of payment because it is untraceable.
Real case scenario of a recent ransomware attack
The second-largest company in Germany, Software AG was recently attacked by ransomware attackers and demanded $20 million as a ransom to decrypt the files and not to publish to the public. When the negotiations failed, the attackers by the name “COP” published on their dark web websites, the screenshots having some details about the company data.
Since the hackers realized that double distortion pays a lot of ransom, cases of stealing money on credit cards have reduced, and they have focused on targeting big companies and organizations. Also, the quick adoption of remote working due to the COVID-19 pandemic exposes the companies to successful attacks because of the weak security measures on home networks.
Also, referring to the pandemic, phishing has become more rampant. The attackers have created false information on COVID-19 that tempts internet browsers to click them on the web or in their emails in search of more information about the pandemic and its vaccine. Ensure that you never open or download software or media that you do not trust in their origin.
The dilemma; Pay or not Pay?
Companies having secret intellectual properties that do not want their information leaked to the public or their competitors end up paying the demanded ransom amount to restore their operations and services quickly.
The US government does not prohibit paying ransom by yourself but does not allow the victims to pay money to anybody sanctioned by the US government. Although authorities and the FBI encourage organizations not to pay ransom to discourage more attacks, some hacked companies prefer to pay the ransom as it is cheaper and faster than dealing with the loss of data and downtime.
According to Proofpoint’s State of the Phish 2020 research, they found out that more than half of companies infected with ransomware pay the ransom. Of the 50% that paid, only 70% got their data decrypted, 10% demanded a second ransom, while 20% never got their data at all. Generally, negotiating with hackers who have an advantage over you is a hell of a thing.
From the statistics, there is a serious risk analysis to be considered before deciding whether to pay or not pay the ransom. All options have to be evaluated to protect shareholders, customers, employees, and all the stakeholders involved with the company.
Measures against ransomware
Putting in mind what trials ransomware attacks bring, it is vital to avoid the tribulations as much as possible by protecting your systems well. Read on to learn more about ransomware mitigation measures.
Educate your employees on how to identify malware and not to click unknown links or open spam emails. Once ransomware is downloaded to your computer, it starts encrypting your data or locks the operating system.
Social engineering is also common. If you receive a call or a message from an unknown source that asks about your data, hung up. The trick is to entice you into opening a malicious link.
Always use anti-malware software to clean and block ransomware attacks whenever they attack your computer. Update it to include the latest security patches.
Externally backing up your data is the most important thing to do because it will always give you a restore point, not just backing up for attackers only, but also against fire, floods, or disk failures. Copy all your data to an external hard drive and never keep it plugged in on your PC. Also, you can use cloud services as you can create snapshots to allow you to revert to the previous state.