A ransomware attack is one the most serious cyber threats and is gaining a lot of traction in tech circles. In such an attack, a bad actor will first exploit some weakness in the network and gain unauthorized access to sensitive data. The perpetrator then encrypts the whole and may even make a copy of the entire data.
Once a Ransomware Attack has been successfully executed, the breached entity can no longer access its own data. Even if data is accessible, it is in encrypted or unintelligible form. The perpetrator will then demand a certain ransom in return for decrypting the data so that it becomes usable again.
One of the biggest challenges around any ransomware attack is that the true intent of the perpetrator is very difficult to ascertain. The attacker may take the ransom and still destroy the data. Another risk involved is that data integrity can be severely compromised, even if the demanded ransom has been paid.
A recent survey conducted by an IT based research firm has revealed disturbing insights surrounding some of the recent ransomware attacks. The main disturbing feature of these attacks is that they are showing no visible signs of slowing down. The trend of such attacks is likely to carry forward to the year 2020.
The other disturbing aspect of recent ransomware attacks is that in addition to state level organizations, even some federal entities have been the target of ransomware attacks. This speaks volumes of the growing influence and confidence of cyber criminals.
A very major motivator for ransomware attacks is the element of pay off in exchange for decrypting the data. The other thing which greatly complicates the whole process is that most ransom payments are executed under the carpet and seldom come to light.
As per the survey stats, about 30% of federal and 32% of state organizations that were part of the sample complained of being subjected to a ransomware attack over the past three years. The other alarming statistic of this survey was that 24% of these entities ended up paying money to recover their data.
Although the act of paying ransom runs contrary to the recommendations of both the FBI and Department of Homeland Security, the breached organization is generally out of options once it’s critical data has been locked out or encrypted by a cyber criminal.
The other painful alternative to paying ransom is to attempt decrypting the data but this is a high risk option and puts the entire data stack at grave risk. The survey also highlighted phishing, malware and ransomware as the top three cyber threats faced by both federal and state level public organizations in 2020.