Ransomware attacks in 2021 are on the rise due to the big rewards for criminals.
Colonial Pipeline Co. reportedly paid between $4 and $5 million to hackers in order to get its pipeline back up and running. And there is a growing number of cases of outsized payments.
Here are 5 things everyone should know about ransomware – the worst of the worst malware – in 2021:
Ransomware attacks are on the rise. There has been a 57% increase in organizations affected by ransomware within the last six months and a 9% monthly increase since the beginning of the year, according to Check Point Research. And the U.S. sees the most ransomware attacks of any single country, with 12% of all attack attempts globally, according to Check Point.
The size of the payments is ballooning. The average cost of ransomware nearly tripled to $312,493 in 2020, according to Palo Alto Networks. Both the “highest amount paid” and “highest amount demanded” doubled to $10 million and $30 million, respectively, the cybersecurity firm said in its 2021 Unit 42 Ransomware Threat Report.
Double extortion is now common. That’s the criminal practice of first encrypting data so victims can’t access computer systems and, second, threatening to leak the data to coerce victims into paying a ransom. Sometimes the data leak is a separate ransom, so the victim is being extorted for two payments. And triple extortion is on the menu now: encrypting and leaking data plus using Distributed Denial of Service (DDoS) attacks to shut down victim websites, according to Palo Alto Networks.
There are ways to limit your exposure. The best way to avoid ransomware is to have a carefully crafted data backup strategy, according to Tim Erlin, vice president of product management and strategy at cybersecurity firm Tripwire.
“A good thought exercise to see how prepared you are is to imagine what would happen if you physically lost your device,” Erlin told Fox News. “How would you start over? How would you get your data back?” In other words, keep your data backup physically separate (i.e., disconnected and offline) so criminals have no way of getting at your backup too.
Remember, ransomware must find a way into your system first: use secure, multi-factor authentication whenever possible. Use strong passwords that are not repeated across different accounts, keep the software on your devices up-to-date, and avoid clicking on links in emails, Erlin said.