Ransomware drives cybercrime profits in 2017

Version imprimable, PDF et e-mail

As you can imagine, ransomware has become a big business for cybercriminals.  Here are some quick numbers to give you a picture of just how big it has become:

Ransomware activity is fueled by innovated, entrepreneurial criminals.  There are a handful of reasons why this type of crime is so lucrative and widespread:

  • There are multiple ways to infect a victim, including email links, email attachments, website exploits, social media campaigns, compromised business applications, and USB drives for offline infection.
  • Mass email infections are cheap and easy, and there's a relatively low risk of getting caught.
  • Ransomware-as-a-Service (RaaS) makes it easier for new people to get into the business of extortion.  The Cerber ransomware variant mentioned above is the world's largest RaaS, and the Satan RaaS we talked about last week is designed for absolute beginners.
  • Many businesses simply aren't willing to lose files to encryption, or they are unprepared to recover from an attack.  It's often cheaper and easier to pay the ransom.

At this point in the lifespan of ransomware, it's prudent to assume that it's not a matter of if you will be attacked, but when.  There's no reason to think that it can't happen to you.  Hospitals, police departments, governments, and educational institutions have all been attacked.  And while you may be one of the people who think you aren't important enough to be targeted, remember that most of these criminals aren't looking for any particular type of victim.  They simply distribute their ransomware and wait for it to call home.  Or in the case of offline ransomware like Zepto, they don't need it to call home.  They simply distribute the files and see if someone makes a payment.  

We've talked before about using proper data protection strategies to protect yourself from ransomware.  This is important because if there's no free online decryptor for your files, you will want to be able to restore them from backup so that you don't have to pay the criminal.  Still, the best thing you can do is deploy multiple layers of security throughout your infrastructure and make sure your end-users are aware of the risks.  According to a recent survey, less than half of ransomware victims fully recover all of their data after restoring from backup.  This is largely due to user error on the backup configuration, or backups getting encrypted before the IT department finds the infection.  Additionally, you may inadvertently leak sensitive data to an outside party during the restoration or decryption process, exposing yourself to further types of financial loss.

Ransomware is going to remain a threat for a long time.  If you're new to ransomware defense, take a look at this 10-point checklist (pdf) our team designed to help you get started.  When you're ready to learn more about Barracuda solutions for ransomware, visit our corporate site here.

Click here to download the infographic

Don’t Fall Victim to Ransomware

Cyber criminals exploit a variety of vulnerabilities like email, network traffic, user behavior, and application traffic, to insert malware. Protecting yourself from a vulnerability through one of these vectors is a good start, but without a comprehensive security strategy that secures all vectors, from all the advanced threats, you are almost certain to fall victim to these devastating attacks. Simply put, cyber criminals are indiscriminate in their targets, and will gladly extort your data for a hefty ransom.

Barracuda offers powerful tools to detect advanced threats and vulnerabilities already lurking in your infrastructure. Barracuda’s comprehensive portfolio of solutions works together to help you detect, prevent, and recover from ransomware attacks.

Watch our on demand recording to see the innovative ways Barracuda can help you take a proactive approach to mitigating risks.


Remonter en haut de page