According to IBM’s threat intelligence report, ransomware has been named as the top type of cybersecurity attack in 2021 and an organization fell victim to a ransomware attack every 11 seconds. But in a recent article from Cybersecurity Ventures, it is predicted that this will drop to a staggering 2 seconds by 2031. With ransomware attacks increasingly becoming more of a threat to businesses, what is it and how can you protect your organization?
In this article we will cover:
- What is ransomware?
- What is the most common delivery method of a ransomware attack?
- What is the cost of a ransomware attack?
- What are the five stages of a ransomware attack?
- What can an organization do to prevent ransomware attacks?
What is Ransomware?
Ransomware is a type of malicious software that infects a computer and other digital devices, restricting access and threatening data destruction unless a ransom is paid. The two main functions used for ransomware are either the core operating system using lockout mechanisms, or possession of data files by encryption.
What Is The Most Common Delivery Method of a Ransomware Attack?
More than 90% of ransomware attacks are delivered by email phishing. Other delivery methods include weak passwords and access management, report clickbait, malicious websites and lost/stolen user credentials.
What Is The Cost of a Ransomware Attack?
Ransomware attacks can be financially devastating to businesses, and the cost will vary depending on the threat actor but on average could cost $4.54 million. In the Who’s Who In Ransomware Report from Cybersecurity Ventures it is predicted that by 2031, ransomware could cost victims $265 billion annually.
Although 2031 feels lightyears away, there are actions that can be taken today to help prevent businesses from falling victim to a ransomware attack.
What Are The Five Stages of a Ransomware Attack?
- Distribution – the method of distributing the attack, such as a phishing email
- Command and Control – once inside, the ransomware will establish a connection with the threat actors server to receive instructions
- Credential Access – the malware continues with the attack by stealing credentials and gaining access to more accounts in the network
- Data collection and exfiltration – data will be collected and the attacker will begin to exfiltrate and encrypt local and network files to use them as ransom
- Deployment – payment is demanded to release or decrypt the files back to the business
What Can An Organization Do To Prevent Ransomware Attacks?
There are many ways you can protect your organization against ransomware attacks including:
- Secure your email with tools such as S/MIME
- Training employees on types of cybersecurity attacks
- Back up your data and create a recovery plan
- Regular patching of software used within the company
- Have strong password security and invest in multi-factor authentication
- Have an incident response plan and team in place
While taking these steps may not protect you 100%, they’ll go a long way to preventing, protecting and mitigating any ransomware threat in the foreseeable future.
Editor's Note: This article was originally published in 2018 and updated in October 2022.