Back in July Russian hacking group REvil infected the network of Miami-based MSP software company Kaseya and thousands of their clients, demanding a $70m ransom. Just a month previously, JBS SA, the world’s largest meat processing company, reportedly paid $11m to the same group, who had crippled their production in the US and Australia. And in May, one of the most important oil pipelines in the US was hacked and shut down, leading to a declaration of emergency, mass panic buying of petrol and the payment of a $4.4m ransom. Ransomware is clearly a rapidly growing problem in the tech world, so get the lowdown on 5 frequently asked questions and stay informed:
What is ransomware?
Ransomware is a type of computer virus that locks access to a system and extorts money for its unlocking.
How does it get there?
Ransomware is often transmitted through ‘phishing’, a well known hacking technique that involves fraudulent messaging that induces a victim to reveal personal information or download malicious software onto their device, either of which will allow the hacker to penetrate the targeted system. However, more sophisticated techniques are also used – the Kaseya hack reportedly did not involve phishing.
Who does it?
The ransomware industry is believed to be dominated by a small number of criminal groups, who are responsible for the majority of large-scale, sophisticated attacks such as the above examples. However, the attacks are often carried out on a decentralised basis, involving independent actors such as ‘initial access brokers’ who compromise networks and sell this access to ransomware groups, and affiliate hackers who are paid to do the majority of the work associated with perpetrating the hacking, while using the criminal group’s software.
Why is this important?
Ransomware is far from a new phenomenon, but it has grown significantly as a threat in recent years, particularly since the start of the pandemic, over which it is estimated to have grown by 500%. According to cybersecurity company Cybereason, it is estimated that there is now a ransomware attack every 11 seconds, and the industry will pull in over $20bn of illicit revenue this year.
Why is it growing?
The ever-growing integration of computer systems into our everyday lives means businesses and individuals are vulnerable to ransomware attacks. This has only been accelerated by the pandemic as we spend more time at home and therefore online. Another important factor to consider is cryptocurrency, which allows for the untraceable, anonymous transfer of large sums of money virtually, providing a perfect mechanism through which hackers can extort ransoms.
For more insight into the tech sector, industry trends, challenges, and news check out our