Email Security Blog

Why the Growing Ransomware Trend is So Hard to Stop

If you’ve let your guard down in recent months, your company could be the next target of a ransomware attack. The huge uptick in ransomware attacks has been felt around the world. In fact, 2021 could see a 57% increase in the number of attacks from the prior year, with an average recovery cost of about $1.85 million.1

Sadly, few industries have escaped the recent perils of ransomware attacks. If you believe otherwise, consider the following:2,3,4,5

Oil and Gas – Colonial Pipeline: Gasoline supplies to much of the east coast were disrupted

Food Supply and Distribution – JBS S.A.: The largest meat supplier in the world had a quarter of its U.S. beef operations rendered inoperable for two days

Financial and Insurance – CNA Financial Corporation: This large insurance company was locked out of its network for nearly two weeks

Utilities – Bruce T. Haddock Water Treatment Plant in Florida: Hackers remotely raised the levels of sodium hydroxide in the water to dangerous levels

Healthcare – Scripps Mercy Hospital in San Diego: Digital resources, including patient scheduling, lab reports, X-ray images and more, were halted.

Manufacturing / Technology – Acer: The cyberattack this computer giant experienced came with the largest known ransom to date of $50 million

The question asked by so many is why do ransomware attacks continue to be so prevalent? There are a number of different reasons to be considered.

Vulnerabilities. Much like leaving your keys in the ignition attracts car thieves, vulnerabilities in software and systems are irresistible to cybercriminals. The Florida water treatment plant mentioned above was using a version of Windows 7 that had not been updated in more than a year when they were attacked.3 Microsoft Office and other platforms have been exploited by hackers who send phishing emails with rich text format (RTF) attachments that deliver ransomware.6 And of course, many companies rely on simple virus protection software or standalone Secure Email Gateways (SEGs) to prevent the types of email phishing scams that carry ransomware in their attachments.

Profiting Companies. Insurance companies offer cybersecurity coverage and ransomware is included. The cyber insurance market is expected to grow to $28,602.10 by 2026.7 One can assume that means paying ransomware is good business for insurance companies because when the ransomware business is booming and attacks are occurring, insurance companies sell more coverage. That said, it probably comes as no surprise that insurance companies often advise their clients to pay ransoms rather than suffer through the recovery. When the Lake City Florida Police Department was attacked in 2019, they were advised by their insurance carrier to pay the ransom was because the recovery efforts have cost more than their $1 million policy would allow. City spokesman Michael Lee, a sergeant in the Lake City Police Department, said. “At the end of the day, it really boils down to a business decision on the insurance side of things: them looking at how much is it going to cost to fix it ourselves and how much is it going to cost to pay the ransom.”8

Cybercrime is a lucrative business. Ransomware price tags have risen to unprecedented levels. To hackers everywhere this says “crime pays”.

Paying the ransom can be the easy way out. Downtime and recovery can be as expensive as the ransom amounts demanded. In May 2021, the North American division of chemical distribution company Brenntag experienced a cyberattack. The cybercriminals originally demanded more than $7 million in exchange for 150GB of data during their attack. To prove they had the actual files, the hackers set up a private data leak page with screenshots and descriptions of the stolen information. In the end, Brenntag negotiated a lower amount and ultimately paid $4.4 million in bitcoin.9

Lack of admission. Nobody wants to be saddled with the embarrassment that often accompanies a cyberattack. Letting clients, prospects, and board members know your security measures were less than adequate is a hard message to give. As a result, ransomware attacks are underreported, making it more difficult for agencies like the FBI’s Internet Crime Complaint Center (IC3) to get the intel they need to stop the reoccurrence of these attacks. Even the FBI, who reported to have received 2,474 complaints identified as ransomware with adjusted losses of over $29.1 million was careful to note that these numbers probably don’t tell the whole story.10

Finding a solution.

When it comes to stopping ransomware attacks entirely, there are no easy answers. There is, however, a way to slow the trend and keep your company safe. The more businesses that are protected from ransomware and the harder it becomes to successfully execute a ransomware attack, the fewer there will be. For this to happen, businesses need to best email security protection for their business and they need to keep employees constantly trained to recognize and avoid phishing emails. INKY keeps businesses free from ransomware and trains employees in one fell swoop.

Driven by computer vision, machine learning, and artificial intelligence, INKY blocks the malicious emails that carry ransomware. Even the most sophisticated phishing threats – the ones that secure email gateways (SEGs) and virus protection software programs can’t detect – are no match for INKY’s intelligent machine learning algorithms. As for training employees, INKY places a simple banner at the top of every email, alerting users of dangerous and suspicious emails. This subtle form of training keeps cybersecurity front of mind all year long.

Learn more about what a phishing attack can cost your business, and how INKY® can help prevent it.

Request an INKY demonstration today.

----------------------

INKY® is the most effective hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and a finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.

1Source: https://cyware.com/news/breaking-down-the-ransomware-trends-in-2021-e25a6a4c

2Source: https://nymag.com/intelligencer/article/ransomware-attacks-2021.html

3Source: https://abcnews.go.com/US/outdated-computer-system-exploited-florida-water-treatment-plant/story?id=75805550

4Source: https://www.sandiegouniontribune.com/news/health/story/2021-05-24/scripps-enters-fourth-week-of-ransomware-pain

5Source: https://securityboulevard.com/2021/04/10-major-cyber-attacks-witnessed-globally-in-q1-2021/

6Source: https://www.csoonline.com/article/3572336/4-top-vulnerabilities-ransomware-attackers-exploited-in-2020.html

7Source: https://www.alliedmarketresearch.com/cyber-insurance-market

8Source: https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks

9Source: https://www.bleepingcomputer.com/news/security/chemical-distributor-pays-44-million-to-darkside-ransomware/

10Source: https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf

Topics: