Emmanuel Marshall 23 November 2017 15:22:28 AEDT 7 MIN READ

Ransomware is Selling Like Hotcakes

You may have heard of the ‘dark web’ but to most of us it’s just a sinister sounding name. For the world of organised crime though, the dark web is a one-stop robbing shop. It’s a place where crooks can buy ready-made software for extortion, fraud, and intelligence gathering.

Twenty years ago, if a crime boss wanted to get rich quick, they’d get a crew together, buy some hot guns, steal a getaway car and rob a bank. In the digital era, stealing massive sums of money is much less risky, and a lot less dramatic.

To make a big score in 2017 all criminals need to do is get on the dark web, buy some ready-made ransomware and start firing out emails. It won’t even cost them a lot of money to get started; basic ransomware can be had for a few dollars and run on a phone.

Some of the companies making and supplying ransomware today are such slick operations that they provide IT support to their criminal customers.


Cybercrime is Easier than Ever


According to a recent report released by endpoint security company Carbon Black, sales of ransomware on the dark web have shot up 2,500% since 2016.

Basic ransomware can be had for as little as US$0.50 in the illicit software marketplace, so it’s little wonder that this is a booming industry.

Because ready-made ransomware is so cheap and ubiquitous now, it’s no longer only malevolent geeks who are capable of running email scams; pretty much anyone with an internet connection, a few dollars and a conveniently sub-par conscience can get into the ransomware racket.

On the other end of the spectrum, Carbon Black's survey found that nearly 100% of businesses they surveyed would be willing to pay a ransom if their files and documents were rendered inaccessible by malware. That’s a pretty disturbing finding, examined through the lens of economics. With that much willingness by victims of ransomware to pay, this will continue to be a highly lucrative crime category. Where there’s a dollar to be made, there will always be more crooks looking to get lucky, so the astronomic growth in ransomware attacks is likely to continue.


The Hidden Costs of Ransom Scams are Terrible


At this point you might be thinking, ‘well it probably won’t happen to my business and even if it does we’ll just pay the ransom and get on with it.’

It might seem like a small inconvenience to deal with a ransomware scam; pay a few thousand dollars and get your files back; not such a big deal, right?

ransom

The thing business owners forget to factor in is the collateral damage done by a ransomware attack. With the computer system locked up, business will pretty much grind to a standstill. 

No communications.
No access to accounts.
No payroll facilities.
No ability to do work of any kind.

Add to the above, the damage to a company's reputation that being involved in a ransom attack will cause, and the cost of lost opportunities during the time that the computer system is frozen, and you are potentially talking hundreds of thousands of dollars in collateral losses.

The impact from cybercrime attacks resonates through every aspect of a company’s business. The perceived vulnerability to attack erodes an organisation’s standing with supply chain partners, investors and the public alike.

 

Who is at Risk of Ransomware Attack?


In his keynote speech at Microsoft Inspire 2017, Brad Smith - Microsoft President and CLO - called the rise of cybercrime a “wake-up call” and went on to say that “cybersecurity is global in scope and paramount in importance.”

Businesses invest millions in network security and antivirus, yet despite their best efforts, they are collectively losing billions of dollars each year to cybercriminals.

While most businesses use some sort of endpoint virus protection on their computer systems, there is a dawning realisation in the IT world that such measures are no longer effective.

In his MS Inspire keynote presentation, Brad Smith emphasised this gap between the perceptions of the business community and the actual threat posed by contemporary cybercrime, saying; “You can’t defeat the threats of the present with the tools of the past.”  

brad-s-inspire“What we’ve learned is that 90% of all security intrusions start the same way, with an email and a link that takes somebody to a harmful website. Every company has at least one employee who will click on anything, and that is pretty hard to protect against.”

- Brad Smith: President and CLO of Microsoft.

 

What’s the Answer to This Ransomware Epidemic?

Even the most experienced savvy email user can have a moment of haste, carelessness or fatigue when their guard is down. Just practising good common sense isn’t enough anymore, because for ransomware scammers it’s a numbers game; they know that if they keep sending their spam, sooner or later we will slip up and click something we shouldn’t.

The most commonly recommended protection from ransomware attacks is to practice regular automated backups of important files and data to an off-site storage facility. That’s good in theory, but statistics consistently show that the majority of small to medium-sized businesses do not have effective backup strategies in place; leaving them vulnerable to extortion.

One click is all it usually takes for a victim to be ensnared by ransomware.  A link in the email will covertly download a malignant payload, which will encrypt the victim’s files, and they will then face the awful choice of paying a ransom to the anonymous criminals behind the scam or losing all their data.



The most recent advice from the FBI to ransomware victims is
not to pay. The thinking in law enforcement now is that paying ransom-attack criminals does not always guarantee recovery of data, and may actually lead to repeat attacks. With that in mind, it is pretty clear that prevention is the only solution to this growing problem.


How to Protect Your Data from Ransomware Attack

Never
click on links from unfamiliar email senders.

Verify that email is actually from the purported sender by clicking on the ‘details’ box at the top of the message and checking the actual address matches the contact name.  

Doing business online opens up opportunities for collaboration communication on an unprecedented level, but with that opportunity comes significant risk. Cybercriminals use simple vectors like email to infiltrate business networks and inject ransomware. All criminals need to break into your business is a cleverly worded email; if they can trick one person in your company into clicking on a malicious link they can lock up your data and hold it to ransom.

If your company is using an integrated productivity platform like Office 365, then you already know the benefits of cloud-based technology. For a few dollars per staff member per month, you can protect your business with MailGuard's cloud-based email and web filtering security.
Talk to an expert at MailGuard today about making your company's network more secure against ransom attacks.

If you’re experiencing problems, you can speak to one of our cloud security specialists, obligation free, on: 1300 30 44 30