Monetary Gain the Major Reason behind the Increasing Ransomware Attacks

In the recent times, a lot have been said about the increasing cyberattack due to increasing remote working, money being the prime motive. Several reports claim that the hackers are upgrading themselves to break any security measure that companies and professionals adopt. In its new report ‘2020 Data Breach Investigations Report’, Verizon states that financial gain remains the key drivers for cybercrime with nearly nine in 10 (86 percent) breaches investigated being financially-driven, which is up from 71 percent last year. Cloud-based data tops the chart where web application attacks have double to 43 percent, whereas 67 percent of breaches are caused by credential theft, errors and social attacks.

Time and again, the experts have emphasized on following and applying strong credentials that are difficult to be stolen. But suffers are those who didn’t follow the suite. Around 37 percent of credential theft breaches used stolen or weak credentials. Well this highlights the importance of using strong credentials. Tami Erwin, CEO, Verizon, says, “As remote working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount. In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious”. The biggest threat for small organizations are phishing, which accounts for over 30 percent of breaches, followed by the use of stolen credentials (27 percent) and password dumpers (16 percent).

The biggest threat for small organizations are phishing, which accounts for over 30 percent of breaches, followed by the use of stolen credentials 27 percent and password dumpers 16 percent.

Yet another global survey by Sophos claims that paying the ransom doubles the cost of recovering from a ransomware attack, which may average to around $1.4 million if organizations pay the ransom, and $730,000 if they don’t. In its global survey ‘The State of Ransomware 2020’, Sophos reveals that around 82 percent of Indian organizations were hit by ransomware, a 15 percent increase from 2017, mostly in cities like Delhi, Bangalore, Kolkata, Mumbai, Chennai and Hyderabad. To rectify the impact of ransomware, the organizations incurred around Rs.80,270,000.

“Organizations may feel intense pressure to pay the ransom to avoid damaging downtime. Our finding shows that paying ransom makes little difference to the recovery burden in terms of time and cost. This could be because it is unlikely that a single magical decryption key is all that’s needed to recover. Often, the attackers may share several keys and using them to restore data may be a complex and time-consuming affair,” explains Chester Wisniewski, Principal Research Scientists, Sophos.

Hence it is important that in these crucial times, companies not just secure their infrastructure but keeps constantly educating their employees to avoid any such mishap, thus avoid paying any ransom and encourage them to use strong credentials to safeguard from any hacking/theft