It’s no mystery that ransomware is one of the biggest concerns for cyber security, but it’s still mainly underestimated. Until an enterprise organization experiences just how devastating ransomware can be, the organizations usually disregard security to protect from it. Ransomware holds data hostage, and there is no reverse solution to undue its encryption unless you pay the ransom. Even if you do, there is no guarantee that you’ll get the key to restore data. Here are four ways it’s bound to get worse.
- Diversions
Petya is an example of a diversion method. While it encrypted data, it also destroyed it. The damage was irrevocable. Imagine having Petya on your corporate network and taking time to rebuild from backups. It can take hours to get your data back after such a terrible attack. Diversionary tactics are used to show the victim one issue but really do other activities such as destroy data, steal it, or even edit it.
- Blackmail
At the heart of ransomware is the blackmail component. It blackmails in obvious ways such as encrypting your data and refusing to release it unless you pay a fine. However, there can be another part of blackmail we’re sure to see. Blackmail includes stealing data and holding it ransom for a fine. It doesn’t need to be encrypted to hold value to the victim who might not want it released to the public.
- Enterprise-Level Ransomware
A decade ago, hackers commonly destroyed data for fun and for fame. Now, hackers do it for the cash and no individual has data like an enterprise. Enterprise-level ransomware has shown to be much more destructive and have a higher value to the attacker. The enterprise loses money when an attacker is able to encrypt its data, so there is a higher reward value for stealing or encrypting its data.
- Network Propagation
Ransomware creators have gotten more savvy in ways they spread malware. SMB exploits like EternalBlue or EternalRomance allowed Bad Rabbit to spread and take advantage of unpatched systems. When ransomware can act like a worm, it can destroy entire countries where infrastructure isn’t as sophisticated and data isn’t as secure.
With ransomware being one of the most devastating malware, it’s used more often in recent years. Its popularity among hackers makes it even more important for companies to have the right monitoring and anti-malware systems in place.