The rise and spread of ransomware
Ransomware, once simply a nuisance strain of malware used by threat actors to restrict access to files and data through encryption, has morphed into an attack method of epic proportions. While the threat of permanent data loss alone is jarring, cybercriminals and nation-state hackers have become sophisticated enough to use ransomware to penetrate and cripple large enterprises, state and local governments, global infrastructure and healthcare organizations, and more. Many of these groups are even offering their services for hire as ransomware as a service (RaaS).
The business of ransomware will cost you
In 2022, a ransomware attack forced 7-Eleven to close 175 stores as they were unable to use their cash registers or accept payment. Earlier that year, a BlackCat ransomware attack on a German oil company impacted 233 gas stations, with Royal Dutch Shell having to reroute their shipments to different supply depots because of the issue. The Colonial Pipeline attack occurred in May 2021, disrupting oil and gas deliveries all along the U.S. East Coast. And in 2020, the Snake ransomware attack brought Honda’s global operations to a standstill.
Today, through a mix of outdated technology, “good enough” defense strategies focused solely on perimeters and endpoints, lack of training (and poor security etiquette), and no known “silver bullet” solution, organizations of all sizes are at risk. Cybercriminals are making it their business to encrypt as much of a corporate network as possible, to extort a ransom ranging from thousands to millions of dollars.
But there is more at stake than just your bottom line. The aftermath of a ransomware attack can be detrimental: Downtime can stop business operations, disrupt productivity, and compromise your data. Once proprietary company data is leaked or compromised, you will likely suffer damage to your brand and loss of customer loyalty. According to a 2020 survey, 80% of data breaches included personally identifiable information (PII) of customers, intellectual property was compromised in 32% of breaches, and anonymized customer data was compromised in 24% of breaches. Not to mention, threat actors can use this sensitive data against your business or to carry out other insidious acts, including selling confidential data.
With the threat of ransomware propagating quickly across networks, protecting the perimeter alone simply isn’t enough.