The pandemic may have changed the way we work, but it has not affected hackers in the same way. This is according to Jeremy Flemyng, the director of the UK’s espionage agency, GCHQ.
In his presentation to the Cipher Brief annual threat conference, Flemyng claimed that ransomware attacks have doubled in the past year. He did not say exactly how many attacks took place, but he did comment, “I think that the reason [ransomware] is proliferating – we’ve seen twice as many attacks this year as last year in the UK – is because it works. It just pays. Criminals are making very good money from it and are often feeling that that’s largely uncontested.”
Bad news for business
Ransomware is a significant threat to businesses. When important data is encrypted, operations quickly grind to a halt. Recovering data from backup is time consuming and costly. Worse still, some businesses discover that their disaster recovery systems have been compromised and files cannot be restored.
Infected companies will make a value call – is it cheaper to pay the ransom, or to go through a drawn-out recovery procedure. For many, it will be quicker and cheaper to simply pay the ransom. This is especially true for businesses that have cybersecurity insurance – their insurers cover the losses, including any ransom payments.
Big business
Ransomware is big business. A report from the US Treasury estimates that the top 10 hacking groups have shifted $5.2 billion over the last three years. And when businesses are paying ransoms, it is easy to see how they are making so much money.
Flemyng’s speech also drew attention to evidence that hacking groups are not working alone. It is GCHQ’s belief that the Chinese and Russian governments provide support and funding for cyber criminals gangs – and they expect the problem to continue getting worse.
“In the shorter term we’ve got to sort out ransomware, and that is no mean feat in itself. We have to be clear on the red lines and behaviours that we want to see, we’ve got to go after those links between criminal actors and state actor,” he said.
Your computer is at risk too
The move to remote working has made it easier for cyber criminals to attack company networks. If they can break into your computer at home, they can piggyback into company systems, installing ransomware through your logon.
To protect your company – and yourself – you should ensure you have reliable anti-malware software installed on your computer. This will automatically identify and block ransomware before it can spread or encrypt your data. Which means you won’t have any problems with ransoms or disaster recovery to deal with.
You can help reduce malware infections right now by downloading a free trial of Panda Dome anti-malware here.