Ransomware is Big Business Now
The risk of ransomware attacks that organizations face is growing exponentially. In 2015, the reported losses from this type of cybercrime totaled $24 million, and last year, that value shot up to $209 million. And that’s just in the US. About half of European companies confirmed to Radware researchers that cyber ransom had been the top attack motivation. Looking at this type of surge, the FBI predicts ransomware will become a billion dollar business in the near future.
While some businesses report keeping some emergency Bitcoin on hand to pay off the attackers (which I would imagine only encourages the behavior), the number seems to be negligible. What is more concerning is the change in tactics, with more hackers, determined to increase the chances of a successful extortion, adopting doxxing. Doxxing isn’t a new strategy by any means, but now the bad guys are threatening not only to hold private data hostage, but to release it to the victim’s contact lists. In this more vicious scenario, withholding the ransom becomes a much less risk free option. Backing up your files alone isn’t going to solve the problem. Celebrities of all stripes have been subject to doxxing for a while (in fact some of my earliest stories here involved that), but now the illicit practice is spreading to target the average consumer on a wide scale. As a result, patient information becomes exposed and people become vulnerable to fraud and identity theft.
The effects can also increase the damage to healthcare providers. Ordinarily, ransomware can cripple hospitals who can’t access patient data, severely disrupting critical operations. This new doxxing wrinkle adds another headache onto what was already pretty catastrophic. Now, it’s not just a service issue for an organization, but a full blown breach: a breach that necessitates involving HIPAA compliance and dragging the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) into the mix.
With STARZ’s Black Sails series returning for its final season last weekend, it’s interesting to look at these current methods of piracy in an historical context. After all, worsening conditions eventually effects a change in commercial practices. During the time of Henry VI, for example, attacks on ships got so pervasive that is became actually cheaper to send goods from London by land, traversing rivers and mountains, than the generally less expensive sea route. Those who dared the waters did so at their own risk, and often made sure to be excessively prepared for brigands.
Of course, I don’t really expect ransomware to drive organizations to abandon digital data storage, but I do wonder what sort of proactive measures will be conceptualized in the future. The emphasis on prevention over mere detection has been picking up steam. Experts advocate for last lines of defense, such as application whitelisting and Software Restrictions Policies, to catch suspicious executables that make it past perimeter protections. User awareness and employee training also remain tantamount as always. Otherwise, more consumers and organizations alike will fall prey to these ransomware raids.