The Ransomware Crisis
The onslaught by cyber attackers is on the rise. Some of the world's largest companies, schools, and even hospitals have fallen prey to their malicious and discreet attacks. No one should be lulled into a false sense of safety: a breach of privacy through leaked information is a prominent risk to one's identity. Such leaked data and information usually finds its way onto the dark web.
Further, scrutiny of such data leaks shows that organizations are increasingly falling victim to such cyber-attacks. But given the false sense of safety that these organizations project, it can be understood that they are trying to hide the attacks from the public.
Furthermore, it is quite common for affected companies to pay millions to cybercriminals to regain access to their data. This emphatically shows the detestable, incompetent state of cyber laws in the country. Although organizations do opt for such means, which are unscrupulous in terms of law, this course of action is not recommended.
Ransomware, or ransom malware, is a form of malware; the most common kind encrypts systems or files and demands a ransom payment to restore access. In a 2020 survey of entrepreneurs, more than half the CEOs ranked the pandemic and cyber-attacks as the most severe threats to their organizations. On the other hand, given the rise of cryptocurrency, a contentious digital asset, such cyber-attacks pose a more odious threat to the finances of a young investor.
To add to the contentious views on the currency, it guarantees anonymity to the cyberbully, which makes it quite easy for the attacker to escape the clutches of the authorities. Therefore it can rightfully be stated that a ransomware attack nowadays cannot simply be treated as a business-interruption cybersecurity incident; it may also be associated with a data breach or theft.
This gives rise to a pertinent question: have cyber-attacks cropped up only recently, or have they always been there? Ransomware has been around since the 2000s, and it originally targeted individuals, i.e. it wasn't prevalent on a large scale. Since then, variants have evolved that spread extensively, evade detection, encrypt files, and pressure users into paying ransoms. This leads to another assertion: given the more prominent use of technology during the pandemic, more and more populations and organizations have fallen prey to such malware.
The odious double fallacy
Paying a ransom to recover your work might seem to some the highest form of technological exploitation, but you could very likely also become a double victim. Some "file recovery" companies negotiate a lower ransom with the criminals and bury the matter by paying that lower amount, but, to serve their own profit-making ends, they charge the affected organization the ransom.
Quite detestably, in some cases the margin can be significantly higher than the ransom value. Call it smart business or a detestable profit-mongering tendency, the consumers are the ultimate victims.
Technicality behind non-detection
With advanced technology sprouting across the world, current evasion techniques allow cybercriminals to build customized attacks that circumvent security controls. Cybercriminals are not only using various techniques to avoid detection but are also targeting specific individuals to increase their chances of infection. As a result, various security tools might not be enough to detect and block ransomware attacks on individuals and organizations.
The proliferation of attacks is not new, but the demand for record-high ransoms is, and it has significant financial and operational impacts. In the event of a ransomware attack, an organization should be ready to mitigate the disaster as soon as possible. There are various approaches to recovery that an organization can opt for.
Firstly, it can restore from a backup. This approach depends on well-made and well-maintained backups. The idea is not as simple as it might sound, however, as the cybercriminal may already have attacked the organization's backups. In addition, restoring from backups is usually odious and expensive, which might ultimately lead to paying the ransom anyway. Another way to deal with the problem is to attempt to break the encryption.
Lastly, the most aversive option of all is to pay the ransom and follow the attacker's instructions.
Should ransom be paid?
Given all these harrowing cases and the never-ending vicious cycle of trying to escape the problem, it is pertinent to state that files are sometimes recoverable. Additionally, there is good reason to believe that you might not fall prey to the double fallacy, as some companies do offer honest file recovery services. However, these are rare and do not guarantee recovery.
According to cybersecurity experts, paying the ransom is not recommended, as it is considered unlawfully financing criminals. However, as per the latest findings, the ways out of such an odious predicament are limited: the majority of companies that fall victim to ransomware attacks do pay the ransom, and their number is on the rise. In many cases, as mentioned above, paying the ransom is considered cheaper than recovering the resources by other means.
Given the lifestyle changes that transpired on account of the pandemic, we’re all more connected and insecure than ever before. Then there lies the unavoidable fact that weak cybersecurity combined with ubiquitous connectivity equals increasingly vulnerable targets. Everything in India—from our companies to hospitals—is connected to the internet, but a lot of it is not adequately secured. What appears to be an individual threat will increasingly become a threat to national security!
Thus, instead of watching the cybercriminals multiply, as many countries across the world are doing, it is sagacious to adopt a documented position and a robust legal framework to identify and punish offenders promptly. Moreover, what must happen to change this is a global partnership between countries and companies to take ransomware head-on.
Given the burgeoning number of cases being registered daily, it is pertinent for the authorities to reflect on the incompetent malware tracking and mitigation technology and policy in India. The odious situation that confronts them at the moment demands an upgrade of archaic mitigation technology. There is momentum to change the status quo, but the work is only beginning.