With the global COVID-19 pandemic redefining how people work and learn, the possibility of an increase in ransomware attacks is very high.
The new work-from-home culture is gaining more traction than ever before as businesses, government departments and schools try to remain afloat while flattening the pandemic curve. This migration to remote working is a double-edged sword that creates a fertile land for cybercriminals to thrive on. There is no way that cyberattacks can be eliminated completely. The best that companies can do is minimize the frequency of the threats.
What is ransomware?
Cybercriminals use malicious software code to block people or organizations from accessing their computer systems until a ransom has been paid. Cryptocurrencies such as Bitcoin (BTC) have made it easy for these nefarious actors to receive payment without exposing their identities.
The United States cybercrime arm of the Department of Homeland Security, in conjunction with the United Kingdom’s National Cybersecurity Centre has already issued alert warnings about an increase in phishing scams that can lead to installing malware on computer systems. The joint alert was issued as the number of cyberattacks against remote workers increased.
Hackers are targeting individuals and all kinds of establishments. In June, the University of California at San Francisco was forced to fork out $1.14 million in Bitcoin after suffering a ransomware attack. In May, hackers successfully attacked celebrity lawyers Grubman Shire Meiselas & Sacks. The criminals threatened to expose one terabyte of data of celebrities’ private data unless a ransom was paid in Bitcoin. Additionally, the City of Johannesburg, South Africa’s financial capital, was targeted in a Bitcoin ransomware attack in October 2019.
Cryptocurrencies, due to their anonymity, are becoming popular with cybercriminals. Hackers receive the ransom payment in privacy coins or major cryptocurrencies such as Bitcoin. The digital assets are then cleaned by being passed through mixing services.
Companies and employees should invest in cybersecurity
As companies allow their employees to work from home, they have to realize that their data and secrets are at stake. While remote employees are the targets, it is the companies that suffer at the end of the day. It goes without saying that prevention is better than a cure. Companies need to invest in teaching their employees how to safeguard their computers or systems.
According to cybersecurity firm Sophos, about 73% of ransomware attacks result in data being encrypted. For a ransomware attack to be successful, it goes through three stages:
There are several ways in which ransomware begins its process. It could be a simple phishing email or hackers could exploit vulnerabilities in network systems. Firewalls should be used to block ransomware. Some companies may think that implementing a firewall is expensive, but the clean-up bill is much higher.
Employees should use strong passwords that are a mix of all types of characters found on a standard computer keyboard. The passwords should also be constantly changed. There are free tools that can be used to generate strong passwords that are not easy to crack.
Should companies pay ransom demands?
This is a difficult question, as it normally depends on what the company has to lose if the ransom is not paid. Hackers usually target a company if they know that there is valuable data. In most cases, it could be damaging for a company’s operations and reputation if its data, or that of its clients, is leaked on the internet or sold to the highest bidder on the darknet. Nefarious actors were recently selling 160 million user records stolen from 11 companies on the dark web, asking for a combined price of just over $23,000.
The answer to this question is not clear, but logic points to paying the ransom. And cryptocurrencies will be used to facilitate these transactions.
The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.