From invoices to pay, to project briefs to work on, to emails to answer, to customer orders to fulfill, every successful business has no shortage of tasks it should be carrying out at any given moment. But what if you weren’t able to get on with any of these because someone had locked you out of your office? The only way they would unlock it, the mystery wrongdoer said, would be for you to hand over a large sum of money, after which they would return the door keys to you.
This, in essence, is the threat of a ransomware attack: a particularly malicious form of cyber attack in which attackers try to extort money from victims through the threat of lost access to sensitive data, computer systems, and other vital files and services. One of many cyber security threats organizations and users face, ransomware attacks are typically carried out by using malware to infect a target system. This malware renders it inaccessible unless a ransom is paid.
The extortion fee is usually demanded in cryptocurrency, such as bitcoin, so as to make it more difficult to track the identity and whereabouts of the attacker. Once this sum has been paid, the attackers promise to send a decryption key to decode the encrypted files and systems so that they are once again usable.
In some particularly nasty cases, ransomware attacks are made even damaging by exfiltrating files from the victim, which the attacker then threatens to share in the event that a ransomware ransom is not forthcoming. Unfortunately, this twist on “traditional” ransomware is becoming more widespread over time.
The ransomware attack on Kaseya
Ransomware attacks have been ramping up in frequency over the past several years. Overall damages from cybercrime is expected to reach a mind-boggling $6 trillion in 2021. This, astonishingly, is double the $3 trillion sum it represented in 2015. Ransomware remains one of the most common forms of cyber attack, which are only increasing in popularity (not, of course, popular among targets) in an age in which computational infrastructure is more heavily relied on than ever.
This year, a ransomware attack being hailed as the largest such attack on record, has hit hundreds of businesses around the world. These range from schools in New Zealand to Swedish supermarkets. All told, the attack has affected anywhere from 800 (as an extremely low-end estimate) to almost 2,000 international businesses. It additionally impacted both local and state governments and agencies.
The ransomware attack targeted the Kaseya firm, a company that creates tools for maintaining IT systems and — somewhat ironically — managing areas like security. The attackers were apparently able to leverage a vulnerability in Kaseya’s software, which was then pushed out to customers. As such, it was reminiscent of a previous attack involving SolarWinds, in which attackers were able to compromise vendor software so that it sent out a malicious software update to customers.
In the Kaseya attack, which took place in early July, attackers were able to access large quantities of customer data, which they then demanded Kaseya pay $70 million for if they wanted its safe return. It sent shockwaves through the industry — not just because of the large ransom demand, but also because attacks sent through a trusted channel (such as a software update from a company trusted with an organization’s security) is underhanded even by the standards of cyber attackers.
Not the only kind of cyber attack
Ransomware isn’t the only kind of cyber attack organizations face in 2021. Whether it’s other malware attacks like cryptojacking, spyware and trojans, social engineering attacks such as phishing, distributed denial of service (DDoS) attacks, man-in-the-middle attacks or injection attacks such as SQL injections and cross-site scripting (XSS), there are no shortage of ways that bad actors can make life a misery for their targets.
Educating yourself about cyber security and the threats faced is a smart move in order to avoid being the victim of an attack. For instance, avoid clicking suspicious links in emails. However, to truly protect yourself it’s a smart idea to bring in cyber security experts. Fortunately, the tools are available to help.
Solutions such as Web Application Firewalls (WAF), Runtime Application Self-Protection (RASP), API Security, and Advanced Bot Protection can identify and block attacks in progress, while also safeguarding access points. While it’s true that there is no “one-size-fits-all” solution that will solve every possible cyber attack, using a combination of these approaches will protect against almost any attack that’s directed your way.
For any organization that is worried about the potential damage of a cyber attack (which, frankly, should be every organization), cyber security tools like this are a game-changer — whether for the people who run businesses or the customers who rely on them on a daily basis.
