Ransomware is malware (malicious software) that utilizes encryption to hold a victim’s data ransom. Important data is encrypted to block the owner’s access to files, databases, or software. To gain access, a ransom is then demanded. The most dangerous aspect of ransomware is how rapidly it can spread across a network and affect all of an organization’s databases and servers.
Cybercriminals make billions of dollars from ransomware, and businesses and governments pay a high cost in ransom, expenses and lost data.
Recent Ransomware Attacks
Companies like the Colonial Pipeline, Steamship Authority of Massachusetts, JBS (the world’s largest meatpacker), and the Metropolitan Police Department of Washington, DC were attacked in 2021. The ransom payments to the hackers caused the shutdown of critical infrastructure and subsequent deficiencies, enhanced costs of goods/services, the shutdown of operations and financial losses.
Attacks on the healthcare sector
In 2020, ransomware attacks cost the economy $20 billion in impacted revenue, lawsuits, and ransom paid, according to a new report. A total of 92 ransomware attacks hit more than 600 healthcare facilities in 2020.
Colonial Pipeline Attack
In April 2021, due to the pipeline’s critical role in the national infrastructure system, this attack had a significant impact on the US. Major disruption in gas supplies caused an uproar on America’s east coast after system failures halted the flow of gas.
Brenntag, a chemical marketing firm, was targeted by DarkSide in May 2021. The hackers stole 150GB of data, for which Brenntag paid $4.4 million (of the $7.5 million demanded).
In April 2021, the REvil gang demanded a $50 million ransom from computer manufacturer Quanta. Apple product blueprints obtained from Quanta were leaked, and the hackers threatened to expose more sensitive information and files.
The REvil hacker group, which also targeted Travelex, a London-based foreign exchange firm, attacked Acer in May 2021. To date, the $50 million ransom is the largest ever recorded.
A ransomware attack on a large insurance firm occurred in March 2021. The hacker group targeted CNA’s network, encrypting 15,000 devices, many of which belonged to remote workers.
In April 2021, the hacker group Babuk was alleged to have compromised 500GB of private documents about the Houston Rockets from the National Basketball Association (NBA).
The Avaddon gang struck European insurance company AXA in May, shortly after major alterations to their insurance policy were made public.
How to Avoid Ransomware Attacks
Be prepared to lessen the chances of an attack. Ensure you have anti-ransomware software installed on all of your computers. If a link is not safe, do not click on it.
As a result of malicious websites, software downloads, and spam mail, ransomware infections can spread. To avoid phishing, do not give out personal information. Never open an attachment from an unknown email. Keep your software and operating system current.
Not only should you avoid downloading files from untrusted sources, but avoid using USB drives. When using public WiFi networks, be cautious. Use only a VPN.
What to Do When You Are Attacked?
To begin, never pay a ransom to decrypt your files when you have no way to be sure you’ll get them back. Your Wi-Fi should be turned off and the network disconnected. Investigate the attack online using a different device to find out the type of ransomware and any other info displayed on your screen. Take a picture as a record. Consult an expert about your system and notify the appropriate authorities about the attack. And to protect others from the attack, please report it to Bitcoin Who’s Who here: Report Bitcoin Ransomware