Ransomware As a Business
You open your computer and see the message: “Your files have been encrypted and you need to pay a ransom to unlock them.” A few years ago, cyber criminals started targeting businesses with extortion threats. They exploit security weaknesses to lock up your critical data, encrypt it and demand payment to unlock the files. Attackers often target small and medium-sized businesses (SMBs) because they typically have more lax cybersecurity measures in place than large companies, which makes them easy targets for hackers. They also tend to attack sectors that require quick access to information, such as health care and manufacturing.
These attacks often start with a phishing email or social engineering. Once the malware is on a system, it searches for and encrypts valuable files, often leaving behind a ransom note with instructions on how to pay, typically in Bitcoin. As ransomware matured as a business, criminals formed gangs and started offering ransomware-as-a-service on the dark web. The number of attacks and victims, and the amount of money demanded, grew dramatically.
The COVID-19 pandemic accelerated the rise of ransomware attacks, as it led employees to work remotely and mix personal and professional digital environments, which exposed additional vulnerabilities for bad actors to exploit. In addition, the shift to virtual and mobile systems created a seamless connection between your internal and external networks, which gave bad actors new ways to compromise data.
Unlike many other cyberattacks, paying the ransom doesn’t guarantee a fast recovery or a successful restore of your encrypted files. In fact, paying may make your data more vulnerable to future attacks and put your business at risk of being added to a list of “ransomware extortion victims.”