The huge spike in ransomware attacks on businesses over the last year has multiple causes, many rooted in the pandemic. Plenty of businesses scrambled to set up a work-from-home (WFH) model in a big hurry, leaving a trail of security flaws. There have also been ample social-engineering opportunities for hackers, ranging from phony texts about COVID testing to phishing attempts disguised as vaccine news.
But there’s another factor as well: Suddenly a lot more people are capable of delivering ransomware attacks. Welcome to Ransomware-as-a-Service (RaaS).
The name is a derivative of the Software-as-a-Service (SaaS) model; back in the day, you would buy your software in a box, on discs, and host it on your own PC or server. Along came software that lived in the cloud, paid for on a subscription basis: SaaS.
RaaS follows a similar model, but with evil intent. Now the developers of ransomware are selling their software on the Dark Web, which dramatically lowers the bar for the technical skills required to pull off an attack. In other words, before RaaS only the most sophisticated cybercriminals were capable of a successful ransomware attack. Now, others can pay for turnkey technology to do it for them, or even sign up for a sort of affiliate agreement in which they share any ransom with the developers.
Considering that ransomware attacks have already increased by 140% over the past year, with a median cost of $178,000 for the ransom alone and an average overall loss of more than $1 million, this is very bad news indeed. And if you think current backups will protect you, think again. Many ransomware attacks have morphed into what’s called extortionware: you no longer pay to decrypt your vital, sensitive data; you pay to keep it from being put up for grabs on the Dark Web.
At the moment there seems to be more truth than ever to the IT industry adage: “There are two kinds of businesses: those who’ve been hacked and those who don’t know they’ve been hacked.”
What to do? The same advice as ever still applies, but now takes on a whole new urgency. Train employees to detect phishing attempts, keep all devices and software up to date, enable security measures like two-factor authentication (2FA) and so on. Get professional help with your IT security profile, especially with a remote-working environment.
And make sure your cyber liability coverage is up to date and offering adequate protections. Too many businesses – 60% by one estimate – cease operations within a year of a ransomware attack. Hoping it doesn’t happen to you is no longer a viable strategy.
Questions about cybersecurity or cyber liability coverage? Contact Consolidated Insurance.