Why are we experiencing ‘the perfect storm’ for ransomware?

ransomware

“Paying a ransom to cyber criminals and take it for granted won’t help in the fight against ransomware.” This warning comes from a recent report of the Royal United Services Institute (RUSI), a British defense and security think tank.

Ransomware is more successful than ever. Its success results from several factors allowing cyber criminals to more easily access company networks. This warning comes from a report by security think tank RUSI. The report states that we are witnessing ‘the perfect storm’ for cyber criminals, in which they can attack companies around the world by means of ransomware.

Normalization
The ideal circumstances for this perfect storm include the ease with which cyber criminals can introduce ransomware into companies, the amount of ransomware payouts (according to which companies obey the attackers’ requirements) and the way in which the corona pandemic has made it easier for malicious hackers to enter networks. “The more affected organizations are prepared to pay the ransom, the more there will be a general acceptance that paying the ransom will solve the problem. This way, we will keep encouraging cyber criminals to continue attacking us,” the report states.

Prepackaged ransomware
Still according to the report, even cyber criminals without too much knowledge can relatively easily learn to work with ransomware. The attackers can buy pre-packaged and ready-to-use ransomware online: ransomware as-a-service, according to which the suppliers receive a part of the ransom money the attackers collect. “Research has shown that organizations providing ransomware are ever more actively searching for new talent. The increasing extent of this phenomenon is alarming,” the report states.

Solid protection
Cyber criminals manage to enter company networks in different ways, such as by means of phishing. “The high amount of remote work during the corona crisis, according to which employees rely on e-mail and remote services, has only been playing into the hands of cybercriminals,” according to the report, which concludes that ransomware attacks will only stop when ransomware won’t be profitable anymore. “Organizations must work securely in order to prevent ransomware attacks.” In that case, the ransom won’t be an issue anymore. Once more, it appears that the importance of a dedicated ICT partner can’t be overestimated.

Source: RUSI report. (https://rusi.org/sites/default/files/263_ei_ransomware_final_0.pdf)