European police and the private sector have released statements indicating that there are now fewer cyberattacks directed at individuals. While there was no figure or percentage of the decrease mentioned, they did go on to say that the current attacks still taking place are now bolder than any that have come before.
The reasons aren’t too hard to discern. With more security and more at stake, criminals are taking their initiative to new heights and making sure their attacks are worth the effort.
According to Europol’s Internet Organised Crime Threat Assessment or IOCTA, the top cybercrime of 2019 is ransomware. Ransomware is a type of software that cybercriminals use to steal data from internet users and hold the information for ransom, extorting money from individuals and companies alike. Despite cybercrime slowing down as a whole, ransomware has only managed to pick up speed.
Attacks from ransomware have doubled in the last six months of 2019, half of them focusing on the manufacturing industry.
Even though attacks only doubled, financial losses to ransomware rose a full 60%, rising up to $8 billion in losses. One of the reasons for this trend is that cyberattackers use GermanWiper combined with ransomware.
GermanWiper rewrites content and completely and permanently destroys data whether people pay the ransom or not.
2018 Atlanta Cyberattack
One of the most prolific ransomware attacks happened in Atlanta, Georgia, between March 22 and April 2 of 2018. Cyberattackers hacked into the city’s systems rather than those of an individual or company.
Using SamSam malware, the ransom asked for about $50,000 in Bitcoin, though the value has fluctuated since. The city hasn’t said if they paid the ransom or not, but the attacks did take the payment portal away and forced the city to recover on its own.
The recovery effort cost Atlanta about $2.7 million in the long run, most of the money going toward incident response and cloud infrastructure. Included in the cost, the city also spent $50,000 on crisis communications services and $600,000 on incident response consulting. However, Atlanta’s investment in cyberdefenses will protect them and see that they save money in the future.
Though Atlanta could have saved a lot of time and money on just paying the initial ransom, assuming they didn’t take that route, experts don’t recommend this course of action. They believe that the best course of action is to invest in defenses like software updates, hardware backups and other forms of keeping information safe. Otherwise, the problem will just persist.
Dave Chronister, the founder of Parameter Security — which specializes in corporate and government defenses — also believes that paying these ransoms exacerbates the issue. “It may be a Pollyanna belief, but you’re only feeding the problem if you pay. It only works if people are actually paying it, and instead that money could go a long way to actually fixing your stuff beforehand.”
Other municipalities have taken what happened in Atlanta and other cities as warning signs to buff up their own security measures.
There are cybersecurity and technology experts available to speak at conferences or just one-on-one to businesses so that more people can learn about how to protect themselves. Learning more about the problem and where these trends are headed can put a stop to ransomware before it gets any worse.
New Threats, New Protections
Though cyberattackers may be constantly adapting to their environments, so are security professionals. As long as we remain creative and vigilant, our data should be kept safe from criminals desperately seeking easy money.
One of the first steps to combating ransomware, however, is to not give in. Fighting back against the threat to make the task harder for criminals will continue to deter more potential criminals from following the same path.
Written by Kayla Matthews, Productivity Bytes.