Ransomware is rapidly shaping up to be the defining online security issue of our time. A callously simple idea executed with increasing sophistication by criminal groups. A huge portion of our lives is now stored digitally, whether it is photos, videos, business plans or customer databases.
The online criminals brilliant twist was to realize that they do not have to steal data to make money: they just have to make it impossible to access it — by encrypting it — unless we pay up.
Ransomware was once a menace mainly for consumers, but now it is a significant threat to business. These groups of criminals are smart, sophisticated and, because about half of companies pay the ransoms, very well funded. Most of these groups have access to highly skilled hackers and software developers capable of bypassing network defences on all different levels. How skilled? When a version of their malware is spotted by the defences on victim networks, the group is often back with an undetectable version just a short time after.
The targets of the ransomware rings have evolved, too. It is not just about PCs anymore; these hackers want to go after the irreplaceable business assets too, which means file servers, database services, virtual machines and cloud environments. They will also search out and encrypt any backups that organizations foolishly leave connected to the network. All of this makes it that much harder for victims to recover — unless of course they want to pay the ransom.