A Cautionary Tale About Ransomware

Ransomware attacks are on the rise.  We’ve seen numerous cyberattacks throughout the year, but ransomware has made it on the number one spot. In 2020 alone, Ransom attacks surged by 150% and is only continuing to spike this year. Undeniably, the frequency of these attacks coupled with how refined they have gotten has made it harder for companies to detect and handle these threats.

The main goal of ransomware is to lock and encrypt a target’s device or critical data and hold the victim’s information at ransom. Hackers give the targets a set amount of time for them to make the payment or risk losing the information forever. A few years ago, ransomware predominantly used phishing emails that contained malware to unsuspecting employees to gain access to their network. Many times, actors don’t gain access to sensitive data and are done on a whim, merely looking to exploit a company and get paid. However, things have changed.

Ransomware groups have made this method a business. Their demands have grown exponentially, ranging from mid to high seven-figure ransoms. Hackers have also developed their plan of attack. They gather as much information about the company as they can, noting specifically on their financial situation, and strategize a plan on how to exploit them. Ransomware groups demand payment in cryptocurrency for the encrypted information and warned that if they don’t pay, their information will be posted on the dark web, compromising the company and their employees. The attacks are much more complex and calculated— a much bigger threat to institutions all around the world.

In 2017, a ransomware attack called WannaCry took place in May of that year. It was an online global epidemic that affected thousands of computers across the world, making it the biggest ransomware attack in history. This ransomware targeted computers using Microsoft Windows and would encrypt data and demand payment in Bitcoin. Companies such as Hitachi, Sberbank of Russia, FedEx, and many more were affected by this attack but National Health Service (NHS) in the UK was the most effected, losing an estimate of £92 million pounds in cost. It also rerouted ambulances which lead people in need unattended. WannaCry is estimated to have caused $4 billion dollars in loss across the globe.

In the beginning of 2021, Colonial Pipeline, the largest operator in the US, fell victim to a ransomware attack by a group called DarkSide. The attack caused the corporation to shut down operation for a few days, which led to a widespread panic across the country. Colonial Pipeline decided to pay the $4.4 million USD or 75 Bitcoin in ransom but as of today, only $2.3 million in bitcoin was recovered. A few months later, in May, AXA S.A., a multinational insurance firm, was hit by a massive ransomware attack. It is reported that 3 terabytes worth of data was stolen which included customers’ passport copies, medical records, bank accounts, and many more. This attack impacted operations in Thailand, Malaysia, Hong Kong and the Philippines. In addition to that, just this month, multi-national meat manufacturer JBS S.A. halted operations for two days due to a ransomware attack and ended up paying the hackers $11 million USD.

The list of victims only grows, and ransomware attacks continue to cost businesses millions of dollars in damages. It is predicted that in 2021 ransomware damages would cost $20 billion USD globally, which is 57 times more than it did in 2015. It is also expected that ransomware attacks would launch campaigns at businesses, devices, and users every 2 seconds by 2031 and would cost $265 billion USD in loss. This paints a terrifying future for everyone, making almost anyone susceptible to a compromise.

Ransomware is the fastest growing cybercrime to date due to its get-rich-quick scheme. On average, $200,000 USD in ransom is paid to hackers, making it a highly profitable scam. Threat actors are only getting better as time goes on, targeting more and more businesses across the globe. Cyberattacks are here to stay but by establishing an advance and detailed cybersecurity plan, companies can greatly reduce their risk of a compromise.

Our partner, Illusive, provides an active defense to fend off these attacks.  The Illusive Active Defense Suite stops threats from launching ransomware to a system or an endpoint before it could encrypt any data. Their technology greatly reduces the risk of a ransomware attack by using a probabilistic threat identification approach with deterministic detection based on deception. Ransomware will keep evolving even more over the years and it is crucial for companies to adapt an advance cybersecurity system that detects onset threats before it can get to you.



“What Is Ransomware? | McAfee.” McAfee, McAfee, www.mcafee.com/enterprise/en-us/security-awareness/ransomware.html. Accessed 18 June 2021.

Sharton, Brenda R. “Ransomware Attacks Are Spiking. Is Your Company Prepared?” Harvard Business Review, Harvard Business Review, 20 May 2021, hbr.org/2021/05/ransomware-attacks-are-spiking-is-your-company-prepared.

“22 Shocking Ransomware Statistics for Cybersecurity in 2021.” Safe At Last, safeatlast.co/blog/ransomware-statistics/#gref. Accessed 18 June 2021.

Muncaster, Phil. “Ransomware Attacks Soared 150% in 2020.” Infosecurity Magazine, 4 Mar. 2021, www.infosecurity-magazine.com/news/ransomware-attacks-soared-150-in.

Parent, Michael, and David Beatty. “The Increase in Ransomware Attacks during the COVID-19 Pandemic May Lead to a New Internet.” The Conversation, 15 June 2021, theconversation.com/the-increase-in-ransomware-attacks-during-the-covid-19-pandemic-may-lead-to-a-new-internet-162490.

Kaspersky. “What Is WannaCry Ransomware?” Www.Kaspersky.Com, 26 Apr. 2021, www.kaspersky.com/resource-center/threats/ransomware-wannacry.

“What Is WannaCry Ransomware?” Kaspersky, 26 Apr. 2021, www.kaspersky.com/resource-center/threats/ransomware-wannacry.

Redaktion. “AXA Hit by Ransomware Attack in Asia.” Finews.Asia, 17 May 2021, www.finews.asia/finance/34485-axa-hit-by-ransomware-attack-in-asia.

Farber, Malcomb. “Global Ransomware Damage Costs To Exceed $265 Billion By 2031.” EIN News, 4 June 2021, www.einnews.com/pr_news/542950077/global-ransomware-damage-costs-to-exceed-265-billion-by-2031.