Written by Abby Newman, Security Analyst
It’s no secret that 2021 was a rough year for cybersecurity. Businesses everywhere continued to grapple with surviving a seemingly never-ending pandemic and historically high rates of cybercrime. Most of us have heard the term “ransomware” at some point this year—especially with the high-profile ransomware attacks hitting Colonial Pipeline and JBS Foods. These attacks made big headlines due to the impact on essential goods, namely gas and meat. However, there were many more attacks this year that didn’t make headlines. Organizations ranging from the NBA to computer manufacturer Acer were hit with ransom demands as high as $50 million. Reports indicate that personal phones and computers have also been infected with ransomware this year.
Highest Ransoms Paid in 2021
Sources: Wall Street Journal, Bloomberg
So, what is ransomware exactly, and how does it get in? Ransomware is a type of malware, or malicious software. Ransomware works by gaining access to company files and locking them up with uncrackable codes, or encryption. Since the company cannot access its data, most have to pause business operations. Such disruptions to production can cause significant financial loss, which is why some companies decide to pay the ransom. Once the ransom is paid—typically through the untraceable currency Bitcoin—the hackers will provide the company with the codes to unlock their data. Ransomware has been around for a while, but only recently have we seen this high level of sophistication where hackers are able to extort millions of dollars. Over the past two years, research has shown that most of these attacks can be traced back to a point where a user’s credentials were compromised.
2021 General Cyber Breach Stats
Source: Verizon’s 2021 Data Breach Investigations Report (DBIR).
of breaches involved a human element
of breaches involved credentials
Yes, you read that right—most cyber breaches happen due to employee error or carelessness. Phishing continues to be the leading method of hacking an organization, and ransomware is no exception. User credentials are typically compromised in two ways:
- Credential phishing
- Poor password practices
Credential phishing is a type of phish that tricks the user into thinking they are signing into a legitimate website. As they enter their information, the hacker is quietly harvesting it for later use.
Poor password practices include reusing passwords or using passwords that are too simple.
In today’s world, we must remain vigilant online to protect not only the company we work for, but also ourselves. Do your part by learning to spot suspicious emails, taking phish tests seriously, and incorporating better password practices into your lifestyle.