Ransomware cyber-attacks reportedly date back to 1988. And now, a little more than 30 years later, ransomware is one of the biggest security threats on the internet. It is predicted to inflict damages totaling $6 trillion globally in 2021.
Australian companies and organizations, in specific, are seen as attractive, lucrative targets for ransomware attacks. The light was shed on the issue after the Australian publicly-listed media company Nine Entertainment had been brought to “its knees” by a ransomware attack; the company struggled to televise bulletins or produce newspapers due to the attack.
The Australian Strategic Policy Institute has reported that Australian organizations make a “soft target” for ransomware because of their relatively weak cybersecurity. Further, it has warned that the situation will only get worse unless urgent strategic measures are taken.
“A current policy vacuum makes Australia an attractive market for these attacks, and ransomware is a problem that will only get worse unless a concerted and strategic domestic effort to thwart the attacks is developed.” (the Australian Strategic Policy Institute)
What Is Ransomware?
Ransomware is a cybercrime in the form of malware. In a ransomware attack, the attacker encrypts the files and data of the victim and demands a ransom to grant the victim access to the encrypted data.
There are many types of ransomware attacks, crypto-ransomware being the most common one. A crypto-ransomware is when the attacker encrypts the data with a secret key known by the attacker only and asks the victim to pay a ransom to have their data decrypted.
Another type is the locker ransomware, in which the victim’s entire operating system gets locked, and they can only unlock it by paying a ransom.
In a leakware, the data isn’t encrypted. Instead, the attacker threatens to leak the data to the public, hence the name.
It gets worse; the double extorsion ransomware is like a mix of two of the above; the attacker encrypts the data and asks for a ransom, threatening to leak it to the public if the victim doesn’t pay the ransom.
What Is the Controversy Over Ransomware Attacks?
Typically, if a kidnapper asks you for a ransom, the right thing to do is tell the police; in this case, the police will track down the kidnapper to solve the case without paying the ransom.
Now, when you receive the dreaded message that your files have been decrypted, what is the right thing to do?
There is no denying that the very first thing you will be doing is panicking, and rightfully so. But, this doesn’t mean you should act rashly, as it will not help you restore your data.
A survey was done, and 77% of respondents admitted that they would not know how to act if they fell victim to a ransomware attack. (The Guardian)
The controversy over ransomware attacks lies here; should the victim pay the ransom? It has always been a debatable question. Some strictly refuse the idea of paying for these reasons:
- There is no guarantee that the attacker will decrypt the files: you might waste your money in vain.
- You will become easy prey for future attacks: when an attacker sees that you’re willing to pay to have your data restored, you will attract more attacks.
- The attacker might increase the demand: after seeing you are willing to pay, they might ask for more.
- Your paying the ransom encourages hackers to launch more attacks on other organizations.
However, sometimes paying the ransom is inevitable; in some instances, restoring the data sets on top of the priorities. For example, health care organizations hold invaluable information that poses a life or death threat if decrypted or stolen.
Paying the ransom should always be your last resort, only after you run out of all other options.
This leaves us with the overused, yet always true, cliché; Prevention is better than cure.
How To Protect Yourself Against Ransomware
There are multiple ways to protect yourself from getting attacked in the first place:
Virtual private networks should always be an option. A VPN will create a private network for you, hidden and secure from any potential attacks.
Strong VPNs provide high levels of security, usually using the AES-256-bit encryption. It is so secure that governments, military bases, and banks utilize it to protect their most confidential data.
Check the list of the top VPNs on the market, rated and ranked.
Now comes the question: Are VPNs enough to prevent ransomware attacks? Not exactly. VPNs encrypt the data in transit, not the stored data. So, while VPNs are very important to keep your network private, ransomware attacks can still happen to your already stored files. This is why it is always important to use a strong antivirus.
Using an Antivirus
Using an antivirus is vital to prevent any potential ransomware attacks. An antivirus will constantly scan your device and system for any malware threats and notify you if any is detected.
An antivirus will also develop a firewall for added security. This firewall adds an intrusion detection system to prevent any potential intruder from using your private network.
To get an idea of what Antivirus is considered excellent and reliable, see the list of top Antivirus software of 2021.
Other ways to protect your data
- It should be a given: always back up your data. If you back up your data, you will not need to pay a ransom to get it back.
- Keep your operating system and security software up to date.
- Be smart; never click on links or emails from unknown sources, as they might have malware embedded in them. Having said that, never click on websites with pop-ups and suspicious links, either.
- Don’t use a USB from an unknown source.
Ransomware attacks are no joke. Therefore, the government needs to take immediate action to prevent and stop hackers. But, individuals and organizations cannot afford to sit and wait for the government to solve the issue; Everyone should take the initiative in protecting their own business.