The Next Wave of Ransomware


Written by: Edwin Weijdema, Global Technologist, Veeam Software

Ransomware as a trend will continue to affect businesses across the world – with attack types and tactics from cybercriminals evolving all the time. As attacks get more sophisticated, so do the consequences of falling victim to ransomware and the complexity of the clean-up.

The stakes are therefore higher than ever for businesses when it comes to protecting against ransomware attacks. Organizations need to understand the emerging trends that we will see gather speed, and prepare their defenses for the ransomware onslaught.

Make Your Business Insurable: The tension between insurers and businesses affected by ransomware is mounting. In EMEA we have already seen global insurance giant AXA announce that it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to ransomware criminals. With insurers overwhelmed and frustrated by ransomware claims, underwriters will tighten up their policies to ensure clients are meeting predetermined conditions such as investing in appropriate cybersecurity and employee training before paying out.

Watch Out for Triple Extortion: This technique, designed to make businesses pay more and pay faster, adds a third element to the attack: directing it beyond the initial target and using multi-layered extortion techniques to harm the victim’s customers and partners.

Minimize the Threat Within: Various studies suggest that over 60% of data breaches and cybersecurity incidents are caused by insider threats. Digital hygiene is the first line of defense for an organization. Using two-factor authentication and restricting file access to only those who need it are ways of limiting the amount of damage a single user can do if security is compromised, intentionally or unintentionally. Furthermore, training and education are vital to making sure employees are confident in identifying and reporting potential attacks.

Enforce the Law: Law enforcers are trying to redress the imbalance between risk and reward for cybercriminals. Cybercriminals can make huge sums of money with little or no threat of prosecution. This will change, and it has to. However, given the borderless nature of cybercrime, governments must agree on an international legal framework for punishing cybercrime. Until then, legal action will mainly be directed toward the victims rather than the criminals. Many governments are debating whether they should make ransomware payments illegal, so that businesses resist the temptation to pay ransoms – cutting off cybercriminals’ income supply. Moreover, cryptocurrencies such as Bitcoin, commonly viewed as a hacker’s dream, actually have the potential to help law enforcers bring criminals to justice. Digital ledgers like blockchain make it easier to ‘follow the money’, as records cannot be altered or deleted. Therefore, once criminals turn their cryptocurrency into “real money,” the digital ledger can theoretically unmask them.

Protect Your Data: Organizations must consult with their technology partners about deploying modern data protection solutions that can detect, mitigate and remediate ransomware attacks. Data must be backed up and recoverable across physical, virtual, cloud, SaaS, and Kubernetes environments so that in the event of a ransomware attack, businesses can remediate and recover quickly rather than being forced into paying the ransom.

As well as implementing modern data protection solutions, businesses must prioritize improving digital hygiene levels across their entire employee base. Employee education and awareness training can help to create a more digitally secure culture across the organization. A ‘human firewall’ combined with the right technology can help organizations prepare themselves for the ransomware attacks that will inevitably come their way this year and beyond.