The Ransomware Story: Predicting the Unpredictable

Imagine your core files are turned into encrypted gibberish, and the attackers demand a large ransom to retrieve them. Hard to think your business can be that vulnerable, but incredibly, these kinds of attacks happen every day. Where there is the Internet, there is ransomware, and quite simply it’s open season for cyber criminals wanting to extract money from organizations in the government, finance, healthcare and manufacturing industries. In this blog we explore “Ransomware”: what it is, how it evolved into the top cyber threat, and the huge social and economic impacts.

Let’s relive the ransomware story.

What is ransomware

Ransomware refers to a type of malware that is used to steal and encrypt data, and make the victim’s system inaccessible. Hackers use such malware to force your business operations to stop, and demand you pay a ransom to decrypt the system.

Cyber criminals take core sensitive information “hostage” to extort money from individuals or organizations, marking the shift of ransomware into more than just malware – it’s now a highly effective business model.

The evolution of ransomware

Ransomware has gone through several stages over the past 30 years.

The earliest extortion, dating back to 1989, is called the AIDS Trojan. This period was marked by the minimal and weak ransomware. This attack was notable as it was released by a biologist, who handed out 20,000 infected disks containing the PC Cyborg virus to attendees at the 1989 World Health Organization’s AIDS conference. This attack required users to pay a US$189 ransom to unencrypt the files on their C drive, marking the first ransomware in history.

Then, in 2009, the rise of virtual currencies like Bitcoin fueled and created the right conditions for new ‘active’ extortion by cyber ransomware attacks. Virtual currencies can be manipulated to ensure anonymity and intractability, making extortion attacks more insidious than ever and cyberattacks one of the most pressing threats to governments and enterprises everywhere.

The most recent period, starting from 2015 to current day, is marked by incredibly damaging attacks. For example, in 2017, WannaCry swept the globe on an unprecedented scale. Targeting Microsoft system vulnerabilities, the attack lasted just five hours but forced downtime for organizations in the government, finance, electricity, and communications sectors in countries like UK, France, Spain, and Russia. WannaCry rendered devices useless for approximately 300,000 users in 150 countries and regions and caused total losses of US$8 billion.

The impact of modern ransomware

The World Economic Forum’s Global Cybersecurity Outlook 2022 reports that,

Ransomware attacks are at the forefront of cyber leaders’ minds, with 50% of respondents indicating that ransomware is one of their greatest concerns when it comes to cyber threats.

The respondents were leaders such as CEOs, CIOs, and cyber experts from world-renowned companies.

Ransomware attacks target enterprise users, individual users, and operating systems like Windows, Linux, and Mac. They have caused enormous losses to enterprises across a wide range of industries.

Ransomware is stealthy by nature and very good at disguising itself. There are many ways that it may attack your system. These include zero-day vulnerabilities, storage media, and phishing emails, which are difficult to detect and defend against.

In 2021, ransomware attacked an organization every 11s, but the leading investment consulting firm Cybersecurity Ventures predicts that by 2031 a ransomware attack will happen every two seconds. To date, the largest reported demanded ransom is US$70 million, with losses totaling US$20 billion in 2021. The average cost of recovering from a ransomware attack is $1.85 million (Sophos), and the average time to recover from a ransom attack is 16 days (ZDNet). Another worrying trend is that paying a ransom is often not enough, with 80% of enterprises who pay a ransom being targeted a second time.

While ransom is a monetary problem, it’s not the only impact of a ransomware attack. Downtime for any enterprise impacts brand reputation and exposes enterprises to legal liabilities. Stats show the collateral damage can be 23 times the value of the actual ransom. Put simply, extortion attacks can destroy businesses that are not prepared.

Our digital age means everything is and must remain online. Enterprises both large and small must build a complete ransomware data protection solution to safeguard key systems.

Predict the unpredictable with Huawei

Despite the current climate, it’s not all bad news. The Huawei Ransomware Protection Storage Solution is built on comprehensive security and reliability features to defend against major serious threats to date. This solution provides the primary and backup storage protection to not just detect and block ransomware attacks, but also prevent tampering of data copies, which are used to restore data. It uses Air-Gap technology to build an isolation zone, in which, if attacked, production and backup storage data is protected and your system retains a copy of clean data that can be recovered.

Ransomware has become an issue of when, not if, and for your business that means protection is a top priority. Huawei’s Ransomware Protection Storage Solution offers some of the industry’s best specs, at a competitive price. These blogs will cover more about the solution in later articles, but in the meantime, you can learn more at our official website. Don’t make it easy for the hackers, and see how you can protect your system today with Huawei.

A look at how Huawei’s Ransomware Protection Storage Solution works

Visit the product page Huawei Ransomware Protection Storage Solution and stay tuned for part 2 of this series: “Understanding Hidden Ransomware and Strategies to Detect It.”

Disclaimer: Any views and/or opinions expressed in this post by individual authors or contributors are their personal views and/or opinions and do not necessarily reflect the views and/or opinions of Huawei Technologies.