Ransomware Attacks

Next Article

August 2021

Ransomware attacks have been on the rise lately. Who is behind these attacks, and what do they want?

By Rachel Adam, Edited by Harini Akurathi & Uday Lingampalli

Cybercrime as a whole has increased 600% during the pandemic (Firch & Allen, 2021). Ransomware is predicted to be the most common type of cybercrime in 2021. So, what exactly is ransomware? Ransomware is a form of malware that encrypts and locks a device’s files (such as photos and documents), preventing a person from accessing those files, until a ransom (usually paid in cryptocurrency like Bitcoin) is paid to the hacker. Once the ransom is paid, a decryption key may be provided, allowing the victim to access their files again. If the ransom isn’t paid, hackers may sell the files to other cybercriminals, publicly name the victim, and/or release the files to the public.

According to Time Magazine, the countries with the most cybercriminals are Russia, China, Brazil, Nigeria, and Vietnam (Rayman, 2014). Most cybercriminals work in organized cybercrime rings instead of working alone. 86% of cybercriminals are after money (Sen, 2021), since personally identifiable information like credit card numbers, home addresses, and Social Security numbers are extremely valuable and easy to sell on the Dark Web. The value of financial data has increased from 2020 to 2021. For example, the account details for a credit card with an account balance up to $5000 was worth $20 in 2020, but worth $240 in 2021.

However, other cybercriminals have a more sinister motive behind their attacks: to threaten the stability of various countries worldwide. Recently, there have been calls for U.S President Biden to pressure Russian President Vladimir Putin to crack down on cybercriminals for their recent ransomware attacks on U.S businesses. On May 7, 2021, the Russian cybercrime group DarkSide attacked Colonial Pipeline’s systems, which led to fuel shortages, increasing gasoline prices (especially on the East Coast), and forcing American Airlines to add extra stops to two of its long-haul flights. A few weeks later, on May 30, JBS, the world’s largest meat producer, was targeted by Russian cybercriminals (suspected to be the REvil group). The attack made consumers and the U.S government fear meat shortages and an increase in meat prices. Luckily, JBS was able to re-open its meatpacking plants within a week of the attack, avoiding these consequences. Most recently, on July 2, Kaseya, an IT firm based in Florida, suffered a ransomware attack that not only affected its own systems but also those of its clients (who are based in approximately 12 countries). President Biden said that the attack only caused “minimal damage” to U.S businesses. However, it’s a different story in Sweden. Many of the 800 grocery stores run by the Coop chain were affected by the attack, and were forced to close for multiple days. In rural areas, where a Coop was the only place to buy groceries for miles, this turned into a major problem. The Swedish railway system and a pharmacy chain were also affected by the attack. The REvil group (based in Russia) took credit for the attack, and it demanded $70 million to restore everyone’s data. As of July 14, the ransom has not been paid.

Ransomware attacks are dangerous, and governments worldwide must cooperate to prevent them. They can affect every aspect of life, and they are the future form of warfare. In the meantime, though, what can you do to prevent yourself from being the unlucky victim of a ransomware attack?

The U.S Cybersecurity and Infrastructure Security Agency recommends that you:

1. Update your devices and apps as often as possible.

2. Don’t click on links or open attachments from strangers.

3. Regularly back up your data.

4. Create strong passwords for all of your accounts. (try not to reuse them!)

5. Use secure Wi-Fi networks.

6. Use multi-factor authentication if possible. (for example, when you sign into Gmail, if you have two-factor authentication enabled, you have to enter your password, and a unique code sent to your phone.)