Why Ransomware is a Threat to Availability
According to the FBI, ransomware became a billion dollar industry in 2016. That is right, $1 billion. If ransomware were a legitimate industry, it would be the focus of case studies in every business school in the world as its growth is unprecedented. This growth is attributed to four primary reasons.
- The amount of money being generated
- The consumerization of IT
- The proliferation of cryptocurrency
- The launch of Ransomware-as-a-Service
The money involved is simply staggering. The highest paid ransom to date was paid just a few months ago by a South Korean web hosting company in which all 153 of their web servers were encrypted. Negotiations between company management and the hackers arrived at an agreed price of $1 million that was paid in three installments; each installment decrypting a batch of servers. Thirty days later, a Canadian firm was forced to pay $425k to retrieve their data. The company had little choice as a phishing email attack launched a ransomware attack that targeted not only their data, but their backups as well. Whoever the hackers were, they knew the design of the targeted enterprise very well and we able to implement the attack with pinpoint accuracy.
As hefty as these payouts are, the damage does not stop with the ransom. A recent survey of companies that had experienced a ransomware attack faced additional costs as well including:
- Investment in security technology (33%)
- Money lost from downtime (32%)
- Loss of customers (32%)
In most cases, the cost of the aftermath is far worse than any ransom. A prime example of this was the case of Nuance Communications, a major provider of voice and language tools that was hit with the Petya attack back in June. Three weeks after the attack, the company had still not been able to bring back up some of their critical business operations. What’s more, they reported that the costs of the aftermath would impact their quarterly revenues, sending their stock price, downward as well. Denmark shipping and logistics conglomerate, A.P. Moller-Maersk, reported a negative impact of over $200 million because of a two-week disruption to operations following the Petya attack. Other corporations have reported similar experiences.
Easy Payment and Deployment
Extortion used to be a tough endeavor to pull off. It often involved a drop off point involving a suitcase of hard cash. In fact, early ransomware attacks years ago involved Western Union payments or prepaid cash cards that were sold at retail outlets. None of these payment methods were scalable. They were cumbersome for both parties and were traceable by law enforcement. Ransomware was a rare event because of payment limitations. Then came the popularity of Bitcoin and other cryptocurrencies. These digital currencies allow for decentralized, anonymous and unregulated transactions. All of this makes for an ideal currency for hackers.
Not only is it easy to get paid, it is easy to be a ransomware hacker as well. Ransomware-as-a-Service kits are available for purchase on the dark web for as little as $40. These RaaS distribution channels are highly organized and structured much like a traditional multi-level marketing company. These kits are wizard driven, making it easy for someone with little or no hacker skills to create their own ransomware attacks. Ransoms are shared between the associate and the distribution kingpin.
Email continues to be the dominant distribution method of ransomware through embedded links or malware infected attachments. Even browsing the Internet can result in a ransomware attack as users unknowingly download a malware infection disguised as a download, image, video or plugin update. The fact is that hackers no longer spend their time trying to infiltrate network firewalls. They simply target users, as they are the weakest endpoints of an enterprise.
The Need for Failover Redundancy
Despite the skyrocketing of costs of ransomware and the advancements that have made it convenient, scalable and cheap to implement, many organizations continue to ignore this monumental cyber threat. According to a recent report conducted by the Ponemon Institute, only 46% of companies today consider the prevention of ransomware a high priority. This is astounding considering the fact that many ransomware attacks as of late could have been prevented through regular patching and updating of machines.
Ransomware has vividly shown how truly devastating a ransomware attack can be upon businesses and organizations that rely on an omnipresent connection with their customers, users and partners. This is why high availability and disaster recovery solutions are so imperative today. A ransomware attack is indeed a disaster that can take an organization offline and out of commission. Companies today must have redundant infrastructure in an alternate location such as servers, storage and network infrastructure designed around the replication of data. This isn’t just about being prepared for an outage, but to have a protected location of your data in case one of your sites endures a malware encryption attack. Cloud based failover and network load balancing solutions should be an important aspect of any such enterprise today, because ransomware is only a mouse click away.
Other posts you might like...
The True Costs of Downtime for IT
Downtime is a dirty word in the IT business. Unplanned outages are unacceptable and should not be tolerated. In a universe where customers expect services to be available 99.999% of the time, any time your IT service offering is down is costly to your business.
The Need for Increased Availability is Now
Our predictions for the last half of 2017: Ransomware will keep evolving, the rise of IoT will pave way for increased DDoS Attacks, IPv6 Traffic will continue to grow exponentially, Machine Learning and AI will be applied to enhance security, and the need for increased availability is now.read more
5 Ways to Increase Application Availability
A service provider that offers software-as-a-service or another cloud-based solution should understand what customers are looking for and what compels those very customers to choose an off-premise, “cloud-based” solution vs. the more traditional on-premise, self-hosted solution.read more