Even if you are not a cybersecurity expert or IT professional, you probably have heard about . The information about ransomware attacks is emerging every now and then from newspapers, the internet, TV, etc. You could have noticed that has been especially abundant in such news: “unprecedented rise of ransomware”, “ransomware is the biggest cybersecurity threat”, “top ransomware attacks”, “companies paralyzed by ransomware attacks”, etc. So what a monster is that? Who can be affected? How to get rid of it…or maybe to prevent it? ransomware 2020 What is ransomware? Ransomware is (a.k.a malicious software) infecting your computer or any other devices with a code, l , or e (making them unreadable for you). After your device is infected, the cybercriminals will demand you to pay a (that’s why it is called “ransomware”) to give you access to your own data. Ransomware can affect a single file, a PC, an entire network, and even a server. Imagine what a headache is losing access to your own data. No double, triple, quadruple it multiple times for the companies. A ransomware attack is a complete nightmare especially for companies dealing with (for example in finance and healthcare industries) as hackers threaten to unless the ransom is paid. Will the cybercriminals keep their word? Not obvious at all: many companies asserted that the criminals have published the data, even after the “deal” was made. malware ocking your device ncrypting your files ransom large databases sell that data Any device can be infected, ransomware attacks can cause , and as a result, affect your . It’s not surprising, that . downtimes compromise your clients’ data company’s reputation ransomware is considered one of the biggest cybersecurity threats How does ransomware infect your devices? There are several ways to “catching” ransomware, and it is important to be aware of all of them. Ransomware is spread through: · — such e-mails contain malicious (word, pdf) or to malicious websites. This is the most popular method: researches show that of ransomware is delivered via phishing e-mails. Phishing e-mails files links 65% · — similarly to spammy e-mails, the encrypted files or malicious links can be sent through apps. Social media instant messaging · — often hackers the address of the website to fool the users. If you enter such a website, your computer can catch malware. How does it work? The cybercriminals usually change , so the fake site name looks similar to the original one. For example, they can replace “g” with “q”, “i” with ”I”, letter “o” with number “0”, etc. Fake websites misspell one or two letters · — it occurs when you visit a website infected by malware and it’s downloaded into your device (even if you didn’t click anywhere) and infects the endpoint. Of course, this happens mostly on fake websites, but it’s not necessary at all: the hackers can insert the malware script on (for example, they often compromise video streaming portals) Drive-by downloading automatically any website · (a.k.a. malicious advertising) — as the name implies, it is malicious online advertising ( , mostly ransomware). Such advertising can appear on any reputable website and can infect your computer even without your interaction (drive-by-download). Even the sites with strict advertising criteria are at risk (the criminals can start with good ads, and then switch them to ads delivering ransomware). Malvertising online advertising infected with malware · — there are different types of such pop-ups, for example, pop-up containing malware, fake pop-up you that your computer is infected with ransomware (in reality it is not, but they keep bombarding you), fake pop-ups inserted by criminals on reputable sites and (for example on banking sites). Dangerous Pop-Ups ads messages “warning” requiring people to share their personal data Ransomware in 2020; Covid-19 impact Ransomware dates back to the It all started from an infected floppy disk: the first ransomware, (a.k.a. PC Cyborg) was spread among thousands of healthcare professionals. It was quite easy to beat, but it clearly became a catalyst for future events. During the , ransomware developed massively (especially starting from the 2000s) creating havoc in hundreds of thousands of companies all over the world. 1980s. AIDS Trojan next decades was unprecedentedly successful for ransomware attackers. How cyber-criminals took advantage of ? 2020 Covid-19 pandemics · With millions of employees forced to shift to because of , cyber-criminals used the opportunity to attack vulnerable networks. work-from-home lockdowns · The cyber-criminals targeted mostly the industries dealing with (especially in pandemic period): , etc. large amounts of personal data government, banking, manufacturing, healthcare source: https://www.trendmicro.com/ · The criminals kept sending with content related to . Such e-mails are real-looking and include the hottest topics: scams associated with , free downloads of , any information concerning (vaccines, sanitizers, masks, etc.). They are mostly targeting anxious users, who will click the malicious links or will download malicious files. phishing e-mails Covid-19 economic impact payments conferencing platforms COVID-19 · Cyber-criminals aim to make you enter infected websites offering COVID-19 information. Either they build sites on or related domains, or hack such legitimate sites and infect them with ransomware. “covid19” “coronavirus” As a result, ransomware became especially nasty, and successful ransomware attacks have grown drastically in 2020. · In , ransomware attacks increased by over February 2020, due to COVID-19. The financial sector was especially affected ( of ransomware attacks ) March 2020 148% 52% · , global ransomware attacks have grown by 40% ( ); the US saw a In Q3 2020 199.7 million cases 139% ransomware growth (145.2 million cases) · Ryuk ransomware ( , has grown to This is one of the most popular types of attacks ( of global ransomware attacks in 2020) 5,123 attacks in Q3 2019) 67.3 million in Q3 2020. 33.7% · In 2020, new organizations fell victim to ransomware attacks . Cybersecurity Ventures predicts that i every 10 seconds n 2021 there will be ransomware attacks on businesses every 5 seconds. · In 2020, cybercriminals got approximately from ransomware profits (which means compared to 2019) $370 million known 336% increase · Ransomware costs are predicted to cost (57 times more than in 2015). $20 billion in 2021 How to prevent ransomware As we can see ransomware is definitely the fastest-growing type of cybercrime, and it’s not planning to go anywhere in 2021. Moreover, the more successful and profitable the ransomware “business” becomes, the more new ransomware criminals emerge (and they are using more and more sophisticated approaches). , What to do if your device is already infected by ransomware? First of all, ! As announced by the FBI, paying a ransom is a bad idea, primarily because even if you pay, there’s no guarantee that criminals will unlock your device/files; or they may give you access to your files, but publish the data anyway. never pay the ransom Getting rid of ransomware often requires serious technical skills, time, and money. According to cybersecurity experts, to protect from ransomware, you must… it. prevent · Back up regularly. You can use highly protected cloud storage or an external hard drive ( from the computer after each backup) your data disconnected · Regularly to close them for attackers. Enabling automatic updating is a good idea. update and patch your software/systems · Use , update them regularly, use when possible. strong passwords two-factor authentication · Never click . Stay vigilant while opening any site ( ). untrusted, suspicious links, e-mails, attachments, pop-ups read carefully the URLs · , educate yourself (as well as your employees, end-users), learn how to detect fake websites, phishing e-mails, etc. Make security your company’s second nature, organize cybersecurity awareness training to fully cover the topic (investing in is a must, especially if you have a big company dealing with lots of personal data.) Stay tuned Cybersecurity Awareness · (contact details, banking information, etc.) without carefully verifying the sources asking for such information. Never disclose your personal data · Use to prevent ransomware attacks (this will reduce the criminals’ chances) email protection systems · Invest in blocking ransomware. With the sophisticated techniques used by cyber-criminals today, using perimeter cybersecurity products is not enough. Remember that the ransomware criminals aim to lock your data, this means you should always stay at least one step ahead of them: make your data unreadable and useless for the criminals…even if it’s breached! cybersecurity software