The Echo-nomist

Over the past few weeks, ransomware attacks have affected more companies than you can name. And it’s not just America’s problem anymore. This virus is spreading across the world (as if we needed an other one).

What exactly is ransomware? Simply put, ransomware is a form of malware- they lock and encrypt the victim’s device data and then demand ransom to restore access.

It usually happens when victims download the malware unknowingly through email attachment or links. This helps them access the data on your computer and encrypt it to prevent the victim from retrieving the file. Basically you can’t access your own files.

Ransom means it involves a hostage. The hostage over here is your files/data! Now that’s scary. Even if you pay the ransom, there is no guarantee that you’ll get your data back. So you’re paying at your own risk.

These hackers attack where it hits- data and time. You know the saying, data is the new oil. Getting your data stolen is a big deal. Business heads have to decide whether or not to pay the ransom. The longer they take to decide, the more time they’re losing. In practice, this time can be more valuable than money.

Imagine the havoc if you can’t access the confidential and important files on your laptop. It’s a nightmare. From the colonial pipeline hack, we learnt that they’re powerful enough to hack into government security systems. No one is safe from ransomware attacks. Great, another thing for businesses to worry about.

If you think paying the ransom seems like a good idea, you’re not the only one. 70% (source: Cybereason) of the businesses infected with ransomware paid the ransom to get their data back. The problem is, when companies start paying the ransom, it incentivizes the hackers to keep going. They’re getting money without a big fuss and most victims pay so they continue doing it. Paying the hacker can prove to be detrimental. A survey by Cybereason indicated that 46% of the respondents regained access to their data, but either some or all of the files were corrupted.

Also, 80% of the organisations that gave into the hacker’s demand, incurred another attack (according to the survey).

Interestingly, Bitcoin accounts for 98% (source: Marsh) of the ransomware payments. They choose cypto as a method of payment because it provides them a high degree of anonymity, it’s fast and easy to access. Although, it’s not impossible to track crypto- the govt. was able to recover a half the Bitcoin’s they paid for colonial pipeline.

The number of ransomware attacks has gone up significantly during the pandemic, with a total of 304 million ransomware attacks in 2020 (62% increase year on year). The bottom line is, ransomware is scary and it’s on the rise. But how does it impact businesses?

The most obvious impact is loss of income. They end up paying lots of money to recover their data, which leads to a decline in assets. It costs them the revenue they could’ve earned while their operations were shut due to hackers is lost. After attacks businesses also increases their expenses to build a safer and more guarded IT network, thus reducing their profit margin.

Secondly, it causes damage to the brand and reputation. Think of it from a customers point of view. Two companies are offering you the same services, one has been subject to ransomware attacks and the other hasn’t. Which one would you choose?

UK’s National Health Service (NHS) is still recovering from it’s massive WannaCry ransomware attack in 2017, which resulted in more than 19,000 (source: ns-healthcare) cancelled appointments.

Thirdly, companies are forced to lay off employees and staff. To recover from the losses and regain stability, they have to cut their costs. For this, they often reduce the employee burden. Nearly one-third (29%) of Cybereason’s respondents claimed they were forced to eliminate jobs after being attacked.

These impacts are just the tip of the iceberg. Such attacks can prove to be tough to recover from. Some companies had to shut down operations on incurring huge losses because of this (example: Medstar Health, Code Spaces etc.).

There’s a brighter side to everything. Ransomware has also led to the emergence of new cyber-protection and malware prevention businesses. No one wants to be the victim of such an attack. So they’re working to secure their data.

With all the systems being moved to the cloud and proliferation of Software-as-a-Service (SaaS) apps, network systems will have multiple entry points. While this is music for the ears of ransomware groups, it will also lead to an increase in cybersecurity. We can expect Cybersecurity to be a top agenda for all CTO’s, giving a boost to Cybersecurity experts and firms.

We are going to witness some interesting battles between Law Enforcement, Cybersecurity Firms and Ransomware groups. Stuff straight out of Hollywood, that can have a major impact on our lives, if caught in crossfire.

Here are some of the major ransomware over the past few months:
~ Colonial Pipeline
~ JBS- world’s largest meat producer
~ NBA’s Houston Rockets
~ Kia Motors
~ Kaseya