Ransomware Professionals Have Been Busy!
According to an article recently published by the BBC, Bournemouth University in the south of England has suffered 21 ransomware attacks in the past 12 months. In addition, 28 NHS trusts were targeted.
Ransomware is a reality. As much a reality as The Onion Router through which it is easily distributed. Cybercriminals are drawn to TOR because of its anonymity, but ransomware cutting through the onion makes us cry.
According to a report compiled by Kaspersky, the number of users affected by ransomware between April 2015 and March 2016 increased by 17.7% in comparison to the previous 12 months. Looking at it from an entrepreneurial point of view, that’s pretty good year-on-year growth for a business, and completely explains the “Ransomware as a service” (RaaS) phenomenon gaining popularity amongst cybercriminals.
Who is Targeted by Ransomware?
Individuals, home users, your average Joe – this is the profile of a typical victim of ransomware. It’s easy to have the misconception that large corporations are the most vulnerable. Businesses are vulnerable, but they are also not unwise. Educated about malware, they are more likely to have a business continuity plan in place, which includes proper protection, disaster recovery and (hopefully) backup. An individual home user might not be as well informed, and may be more likely and willing to actually pay the ransom.
Should You Pay?
The FBI doesn’t support paying a ransom in response to a ransomware infection. Paying won’t guarantee that you receive any data back, and it will encourage the cybercriminals behind ransomware attacks to perpetuate the industry, creating a market for this illegal activity.
Are the Numbers Real?
It’s difficult to report accurate numbers because a large share of ransomware attacks are never reported to the relevant authorities. According to Microsoft, the UK ranks among the top 10 countries with the most detections of ransomware, accounting for 6% of the total. This is not good news; it is rather alarming if the rate of infection is taken into consideration.
Should a Ransomware Attack Be Reported?
It’s never fun to have egg on your face. Most companies and individuals bitten by ransomware will refrain from reporting it so as not to damage their reputation or bring their competence into question. Even though it’s really easy in theory to avoid a ransomware attack, or avoid being affected by it, life still happens. Ransomware distribution is a criminal activity, and an attack taking place should not mean that the individual or institution affected is incompetent.
That being said, it is better to be safe than sorry. So our advice on ransomware is: prevention is good, protection is better, backup is best.