As this unprecedented year comes to a close, amongst the many negative occurrences to befall 2020 has been the slew of reports regarding cyber-attacks, malware, and ransomware that has not discriminated against any size, type or location of businesses around the world.  According to cyber security experts, by 2021, ransomware attacks are predicted to reach an estimated $20 billion dollars of damage for small and enterprise-size corporations globally, and it is predicted that this trend will continue to escalate.

Unfortunately, these cyber-crimes are a big business now and will continue to be. By the end of 2021, businesses of all industries, including manufacturing, government, education, services, healthcare, logistics, to name just a few, will be adversely affected by these activities every 11 seconds. The United States remains by far one of the most affected countries of ransomware attacks, targeting individuals as well as infiltrating our large multi-national corporations, several of them Fortune 500 companies as reported by Wired and Emsisoft.

Malware and Ransomware Reportings

The 2020 year was kickstarted with the Corona virus and has been mired in seemingly one crisis after another ever since. Unprepared for the drastic changes that were to come – a significant number of the population going remote and staying home to work, more ordering online for goods by consumers to maintain social distancing, as well as more dependency on technology to work, continue education, and socially connect - has resulted in people being left more vulnerable to malware and ransomware attacks, especially in the healthcare network.  As the COVID pandemic gained traction, hackers began using it as a way to infiltrate the healthcare industry through email phishing scams and various other sinister methods of cyber sabotage.  COVID-19-themed phishing campaigns became widely used and distributed the ‘King Engine’ ransomware infection to users.

Cyber criminals have successfully spread these ransomware infections via email by masquerading as emails from well-known healthcare companies and government agencies with information regarding the COVID-19 pandemic. These phishing emails have been successful in penetrating environments protected by Secure Email Gateways (SEGs). Once infected, an end-user’s data would be encrypted and a ransom payment – as high as 50 bitcoins, in some cases - is demanded to decrypt the files.

Key Takeaways from New Ransomware Attacks

IBM’s cyber security experts have seen new trends in ransomware attacks from this past year.  Ransom demands have increased exponentially.  In certain scenarios, IBM reported seeing ransom demands of more than $40 million dollars.

The COVID pandemic has broadened the scope for hackers and cyber criminals because more services have moved online.  For example, university and grade school attendees are being targeted more as their classes have moved to a virtual learning environment.

Perhaps the most disturbing new trend discovered is that ransomware attacks are evolving to become data breaches, rather than simply encrypting users’ local files.  Reports have emerged that hackers are stealing sensitive company data by having the ransomware exfiltrate pieces of data back to them before encrypting the bulk of the computer’s information.  They then threaten to release this information to the public if the ransom is not fulfilled within an allotted time frame.  This is dangerous because simply reformatting the computer and restoring the data from a backup will not solve the problem of getting the stolen data back. Thus, if the data is invaluable to the victim, the victim is forced to fulfill the demand.

Best Practices to Protect Yourself and Your Company

Remember that you should always check the “From” address of any email you receive to ensure that it is from the source that it proports to be from.  Never click on any links you’re not familiar with, and do not download files from unknown sources attached to emails sent to you.  You can find out the full URL of a link sent to you by hovering your mouse cursor over it without clicking the link.  Managed IT services providers, like Natural Networks, recommend maintaining a working offsite backup, which would allow you to restore your data from in the event of a ransomware attack.

Managed IT providers recommend that you always protect your data by keeping your computers up-to-date as well as your anti-virus software.  Natural Networks’ IT solution includes patch management for managed IT clients, which ensures that your systems are maintained and always updated.  Being aware of these threats and how to prevent them from getting onto your computers in the first place is always the best way of keeping yourself and your data protected.  If you want to learn more about how a managed IT provider can help keep your office free of viruses and ransomware, give us a call today.