Although ransomware has been around for a few decades, its effects are growing more dangerous by the year. In just the last few years, a new threat has emerged: ransomware as a service. It provides criminals with all of the tools they need to construct a well-targeted ransomware attack. But what exactly is ransomware as a service? And what does it mean for businesses?
A Case Study: San Francisco
The year was 2016. It was Black Friday, and bus and train stations were packed as people rushed about, focused on their holiday shopping.
But in San Francisco, transportation procedures had come to a sudden halt. The San Francisco Municipal Transportation Agency (SFMTA) had fallen prey to a ransomware attack, and the attackers were demanding roughly $73,000 worth of bitcoin.
Luckily, thanks to its quick response and backup processes, the SFMTA was able to restore its systems within two days.
But what about those who aren’t so lucky?
Ransomware Trends Over the Last Decade
- 65% of ransomware infections are delivered via phishing.
- By 2021, a ransomware attack is expected to take place every 11 seconds.
- 85% of ransomware attacks target Windows systems.
- Ransomware costs will reach $20 billion by 2021.
- 51% of businesses have been impacted by ransomware in the last year.
(Source: ID Agent)
Factors Contributing to Ransomware Escalation
So what’s causing today’s high number of ransomware attacks?
Higher Ransom Payouts
According to Zvelo, one possibility could be higher ransom payouts. Recent trends show that attackers are moving from mass consumer attacks to highly targeted campaigns against specific organizations.
By choosing larger, more profitable ransomware targets, attackers hope to come away with greater profits.
Global ransomware reports have shown payouts ranging from $6 billion to $25 billion. And every time a payout increases, the costs for subsequent attacks soar.
These costs are predicted to reach as high as $170 billion by the end of this year.
In addition, many organizations don’t have the necessary security in place to prevent a ransomware attack.
A lack of backups, disaster recovery, encryption, and phishing protection all make organizations easy targets for ransomware attacks.
Growing Cyber Insurance Market
Finally, some statistics show that organizations with cyber insurance are more likely to pay off a ransom.
While cyber insurance is a good idea for any business, increasing the likelihood that a ransom will be paid only further incentivizes attacks.
What is Ransomware as a Service?
In addition to other factors, one of the greatest causes for the increase in ransomware attacks is Ransomware as a Service (RaaS).
You might have heard of Software as a Service (SaaS) or similar “as a service” models. These services are hosted by third-party providers and made available to customers over the Internet.
Similarly, Ransomware as a Service (RaaS) provides everything a hacker would need to launch a full-scale ransomware attack.
This is bad news for organizations.
By simplifying the process of executing a ransomware attack, RaaS only increases the threat for businesses.
How Does Ransomware as a Service Function?
RaaS-type businesses sell easy-to-deploy malware kits to individuals through the dark web. The cost for an RaaS can range anywhere from $40 to several thousand dollars (source: Zvelo).
Sophisticated RaaS offerings include customer support and options for tracking victims and their payments.
Like traditional cyber attackers, users of ransomware as a service often take deliberate steps to make their behavior difficult to track. This makes them even more dangerous, since there isn’t a guarantee that they will restore their victims’ data once the ransom is paid.
How to Protect Your Organization from Ransomware Attacks
So what should you do when faced with a ransomware attack?
Even though ransomware as a service can make attacks more targeted and dangerous, it doesn’t mean that businesses are completely helpless.
There are several things that you can do within your organization to prepare against ransom attacks and prevent data loss.
Perhaps the most important thing you can do is to organize phishing awareness campaigns within your company.
According to IBM, 59% of ransomware attacks are delivered via email.
This makes your employees vulnerable. By preparing them to recognize these emails, you can save yourself a lot of trouble down the road.
Instruct your employees to use caution when opening emails and downloading attachments. A lot of phishing emails try to pose as a familiar organization, like a bank or a credit card company. These emails might encourage you to follow a link, or they might ask for sensitive information, like your credit card number or social security number.
You should never provide sensitive information via email. Instead, visit the organization’s website directly, or handle the matter over the phone or in person.
Backup and Disaster Recovery
In addition to training your employees, you need to make sure that your data remains secure. Regardless of whether you ever fall prey to a ransomware attack, you should always have your data backed up, just in case.
There are dozens of Backup and Disaster Recovery (BDR) options to choose from, and they all offer differing levels of storage and security, based on your organization and its needs.
When shopping for BDR, make sure you choose an option that comes with regular or automatic updates. That way, you can ensure that your data is always protected in case of a security breach.
While it’s impossible to block every form of malware that might try to enter your computer, antivirus can still protect you from a lot of major threats.
Additionally, antivirus software can help you detect unusual activity sooner, giving you a chance to isolate any threats before they become a larger issue.
Like antivirus, a firewall helps you monitor traffic as it enters and leaves your network. You can manually choose to block malicious file types and receive alerts when you experience unusual activity.
Think of a firewall as an additional line of defense between attackers and your data.
Spam filters work together with firewalls and antivirus to block unwanted threats from entering your network. You can use spam filters to block phishing emails, viruses, malware, and more.
Additionally, you can use spam filters to monitor multiple email accounts at the same time.
But can a spam filter really protect you against ransomware as a service?
Like any form of cybersecurity, spam filters aren’t foolproof. But implementing an email filtering system will significantly reduce the chances of a phishing email making it through your network.
You’d be surprised how many organizations don’t perform regular updates and patches to their technology.
Providers are constantly updating and making improvements to their software and devices. By scheduling regular updates, you’re automatically provided with additional protection.
Ransomware as a Service: Looking to the Future
Ransomware doesn’t seem to be going away anytime soon, but there are plenty of things you can do now to avoid becoming a statistic.
By strengthening your cybersecurity through backups, antivirus, regular updates, and employee training, you can protect your data from becoming corrupted or stolen. In addition, you’ll provide greater peace of mind for yourself and the members of your organization.
Here at CR-T, we take pride in providing enterprise-level IT services at prices that work for small businesses. Our team of experts can become your IT support department, responding to issues quickly, often before you even know about them. Covering everything from your servers and network infrastructure to your computers, workstations and mobile devices, we provide end-to-end solutions for all your technology needs.
Time and experience have helped us develop best practices and workflow procedures designed to keep your focus on your business, not your technology.