Ransomware and cybersecurity

Ransomware is Becoming the Most Prevalent Malware Attack - Don’t Become the Next Victim

Anthony Cicero
Anthony Cicero
2021年7月27日 2 分で読める
Ransomware is a type of malware that can either encrypt all of your data (i.e., crypto-malware) or lock you out of your computer. Once the ransomware has infected your computer, it will ask you to pay ransom, usually in the form of cryptocurrency (i.e. Bitcoin), in exchange for decrypting your data or unlocking your computer.

Seven out of 10 malware payloads were ransomware. The three most common ways ransomware spreads are through ransomware infected emails, software vulnerabilities and security control and/or architecture weaknesses that can be exploited. In 2020, 73% of all ransomware attacks were successful.

Ransomware attacks can be devastating, especially for small businesses that can’t afford to pay a ransom for their data. That’s why it’s important to stay informed about what ransomware is, how it works and the types of ransomware there are.

There are many types of ransomware, and with new ransomware threats constantly appearing, it can be a little daunting. According to recent ransomware statistics from cybersecurity firm Coveware, these were the most used ransomware attacks in 2020:
  • Maze — Data-stealing ransomware that threatens to sell your data
  • Phobos — Ransomware that locks productivity documents
  • REvil (Sodinokibi) — Ransomware program that’s difficult to detect
It’s important to remember that ransomware is a business -- attackers have a profit incentive. According to a study by security firm Sophos, in 2020, 51% businesses were impacted by ransomware and it is expected that by the end of 2021 a company will impacted by a ransomware attack every 11 seconds. The COVID pandemic has made matters even worse as cybercriminals have started to attack new entities, including schools, healthcare providers, and government institutions. The recent U.S. Colonial Pipeline ransomware attack is just one of many examples.
Ransomware costs businesses billions of dollars each year which translates to about $8500 per hour. By the end of 2020, cybercriminals using ransomware had accumulated $20 billion in ransom payments. That number is projected to reach $265 billion by 2031, according to Cybersecurity Ventures.
The average ransom demand has reached $178,000 in 2020. Fortunately for small businesses, the average is only $5,900. The highest reported payment was U.S. travel services company, CWT Global, in July 2020. The ransom settlement was around $4.5 million.
So how do we protect ourselves against becoming a victim of Ransomware? For one thing organizations must have a reliable backup strategy, both online (cloud) and local, so that data can be restored before it was infected by the ransomware attack. Backups, however, can’t stop the attacker from still having your data and threatening to sell it on the dark web.
Organizations must have a robust defense-in-depth security strategy with a zero-trust model approach. They must have strong multi-layered encryption, adaptive multi-factor authentication, accurate data classification and proper role-based and/or attribute-based access control. Lastly, organizations require a comprehensive, easy to follow Security Awareness Training program to ensure their users are well-versed about the threats, risks, and consequences of an attack and how to work safe. Turn your users into “human firewalls.”

会社情報 Anthony Cicero

As a member of the Center for Enterprise Security (CES) team, Anthony works closely with Teradata's strategic customers in the Americas to help them design the right security framework and strategy solutions to meet their security and privacy needs. This includes encryption, authentication, access control, etc. by building on the foundation of advocating, designing and delivering defense in depth, industry best-practices. As a Security/Privacy Architect, Anthony is responsible for articulating to customers all aspects of security and privacy to assist account teams with closing new and existing core opportunities by focusing on the customers’ business-enabled security, privacy and compliance requirements.

Anthony is a Certified Information Systems Security Professional (CISSP) and has been working exclusively within the security and privacy realm for 20 years. Previously, he ran the premier customer success organization for McAfee supporting North America which provided security consulting and support to the worlds largest companies including current Teradata customers.  

Anthony loves boating, golf, home improvement and cars (classics and fast sports cars).

すべての投稿の表示 Anthony Cicero



テラデータはソリューションやセミナーに関する最新情報をメールにてご案内する場合があります。 なお、お送りするメールにあるリンクからいつでも配信停止できます。 以上をご理解・ご同意いただける場合には「はい」を選択ください。

テラデータはお客様の個人情報を、Teradata Global Privacy Policyに従って適切に管理します。