How ransomware is evolving to become a bigger threat than ever

Ransomware has become a sophisticated form of crime, affecting more healthcare systems than ever before and putting sensitive data at risk.

Hackers deploying ransomware used to send out a malicious link and hoped an employee would take the bait. Most hackers didn't even gain access to the company's information. The infiltrated system would be held hostage until the company paid a ransom in exchange for a decryption key, according to a May 20 article published by Harvard Business Review.

Now, ransomware attackers are much more sophisticated, often working for highly organized Eastern European criminal groups. Their goal is to obtain the most sensitive data they can get their malware on. 

The cybergangs research the companies they launch attacks on beforehand to exploit the company to maximum effect. They also target a company's backup system to make a ransom payment as alluring as possible.

Next, hackers contact the company with an extortion demand to get an encryption key and ensure the data the hackers obtained is not leaked. The company is often warned that if they don't pay a ransom then the data will be leaked to the dark web. Here, the information will be accessible to thieves and might receive media coverage — ultimately damaging the company's reputation. 

The company is backed into a corner of paying the ransom and supporting criminals, or not paying the ransom but paying much more to mend the situation.

To convince companies to pay a ransom, there has to be some level of trust for the cybergang. Some hackers do keep their word, while others are known to infiltrate former victims. Some cybergangs are customer-service-orientated; for example, some hackers will accommodate what form of cryptocurrency a company wants to pay with.

In a May 10 statement to CNBC, the cybergang behind the Colonial Pipeline ransomware attack, DarkSide said: "Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future."

To read more, click here.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars