Mounting a defence in the ransomware war

Ransomware attacks are escalating – it’s a criminal industry already worth billions and it’s only going to get worse. Baker Tilly’s cyber security experts discuss common weaknesses and how best to prepare against the inevitable because it’s a case of when, not if, a business is hit.

It’s the customer service story you never want to tell.

Locked out of their critical IT systems, facing the loss of important corporate and customer data, the Dutch business could only speak glowingly of the call centre offering support. Within a matter of minutes, a helpful operator was able to guide the business through the process of making a payment so they could get their files restored.

But the catch is this wasn’t an IT help desk on the phone. It was one of the well-staffed, smoothly run ransomware call centres that allow people to negotiate and pay the criminal enterprises that have encrypted their data in the first place.

Ransomware is now one of the world’s most profitable (and seemingly low risk) criminal enterprises — with an underground network estimated to cost legitimate business around USD20 billion this year alone.

While that sum is 57 times the amount collected by ransomware gangs only a few years ago, the worst is yet to come, and some experts suggest that within a decade, USD265 billion will be stolen and extorted annually through ransomware crime. And with that growth in revenue has come remarkable sophistication as crime gangs efficiently target victims, with an estimated 150% surge in attacks in the past year.

“It’s a growth market,” says Baker Tilly Kenya IT Advisory Partner.

“What we say is it’s not a question of if you’re going to be hit someday with ransomware, but when. If you choose that state of mind, then you have to do something about it. Prevention is important, but so is your response. What are you going to do? What kind of plan do you have to get your company back in business again? When you have those plans, you can sleep a little better.”

A simple crime with a sting in the tail

What sets ransomware apart from many other kinds of cyberattack is the simplicity of the crime, which combines both technological and psychological attacks on the victims.

Unlike malware that might corrupt files, ransomware uses encryption tools to lock them so they are just out of reach of a business that desperately needs its systems and data to be able to continue shipping goods, paying staff, responding to customers or delivering on contracts.

While it is relatively easy to enact this encryption — some ransomware tools trade on the dark web for as little as $70 — the lock is also very difficult to undo.

Some groups, such as the No More Ransom project, involving a range of cybersecurity and international policing partners, make decryption software available for free, but these address only a fraction of the tools commonly used. This is where the second psychological nudge is used to get companies to pay.

Get personalized wealth grown strategies

Leave A Comment

related news & insights.

  • Team Meeting
    September 13, 2023||Assurance, Digital||1.3 min||

    Unleash the power of your money: Invest today, Investing right

  • Two Women Reviewing Documentation
    September 13, 2023||Finance||1.3 min||

    Dividend Investing: Generating the passive income from stocks