• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » Why do some companies keep ransomware attacks secret?

Why do some companies keep ransomware attacks secret?

by Jurgita Lapienytė
11 December 2020
in Security
0
Why do some companies keep ransomware attacks secret?
41
SHARES

The average ransom amount now is more than $1 million. Meanwhile, a lot of businesses decide to remain silent about the times they were attacked. At the same time, new technologies emerge to protect companies from cyberattacks.

“The pandemic has shifted many things online. And it increased the attack surface for hackers,” Maya Levine, technical marketing engineer at Check Point Software Technologies, recently told CyberNews.

In Q3 2020, Check Point Research saw a 50% increase in the daily average of ransomware attacks, compared to the first half of the year. 

We sat down with Maya Levine to discuss the latest trends in ransomware, and what to expect in the near future.

The impact of ransomware on businesses has grown exponentially. Does that mean that companies are not adequately prepared for ransomware attacks, and that they are not resilient?

Cybersecurity is a cat and mouse game. It’s not like I purchase this one product and I’m good for the rest of my life in protecting against hackers because they are constantly evolving. We come up with technology to protect ourselves against their attacks, and they develop new attacks, and it goes on and on. And part of the issue is that a lot of companies are behind in the kind of technology that they have but also it’s a lack of education in employees. With most successful ransomware attacks, and pretty much any cyberattacks, there’s a social engineering aspect to it. There’s the aspect where you have to trick a person to get in the environment or into the system. Humans make mistakes a lot more often than computers. Because of that, hackers will try to impersonate online shoppers, try to impersonate whatever to get you to click on something that is actually malicious.

The fact that a lot of people work from home, and might have some vulnerable devices, certainly doesn’t help?

The perimeter that people used to protect – you come into the office and everything is done in the office – that’s no longer the case. And so people need to be creative and get different solutions to match employees now working from home. Technology that employees have at home might not be as secure as the technologies that they had inside of the office.

READ MORE: With the Maze cartel gone, ransomware remains a painful issue for organizations

Would you say that cybercriminals this year became more sophisticated? We save the deployment of the double-extortion technique, and so it means that they are really innovating constantly.

Unfortunately, year after year they only get more creative, and more innovative. And the attacks get harder to detect. That’s why it is important to have advanced protection in enterprise networks but also, and specifically when it comes to ransomware, you should plan for a worst case scenario, you should have data back-ups that you are taking continuously, so that if worst case actually happens and you are a victim of a ransomware attack, you don’t actually have to pay the ransom because you have all that data that they locked you out of. You can’t operate under the assumption that you will never be attacked. I think it’s much smarter to operate under the opposite assumption, hope that you never will but prepare for an attack.

But just backing up your data can’t be enough as criminals now download your data before actually encrypting it.

That’s part of those double extortion schemes that we have seen with ransomware this year. And it’s taking it to a whole new level because previously it was just that I need access to my data, and now it’s that I can get fined by GDPR or other regulations if you release my data. Unfortunately, nowadays organizations can also get fined for paying an attacker for a ransomware attack because government agencies don’t want to encourage attackers to do this. Companies can find themselves in a really sticky situation. Obviously, the best thing to do is to invest in the right technology, and to have these preventative technologies in your system to catch these kinds of attacks. I just think that it’s hard to tell everybody that you need to have the best of the technologies. Certain sectors like education, even hospitals sometimes don’t have the funding for it. That’s why I say develop a contingency plan, have an idea of what’s going to happen if the worst-case scenario occurs.

ZDnet just revealed that the average ransom that companies pay the attackers is 1 million dollars. Do you have any insights on how often businesses decide to pay the ransom?

Part of the reason why companies pay this ransom is to keep it a secret that they were attacked in the first place. It’s in their incentive because of stock prices, general confidence in the company name to make it disappear, to make it seem like they never were attacked. So in some cases it is actually just better for them to pay it and not have that information out there. It means that we don’t have a great idea of how many companies actually have paid out for ransomware. We have estimates, and we have guesses, but we don’t know how many paid under the table, and we never heard of it. 

How often are cybercriminals not after the money, but corporate or any other type of intelligence? For example, researchers just traced Pay2Key ransomware to Iran, and it was used to attack Israeli companies? These kinds of attacks don’t seem like a coincidence.

I would say that most attackers out there are probably after money. You have information that you can get and still make money out of it, such as health records and social security numbers by selling it on the dark web. So a lot of attackers are stealing information so that they can then make a profit off it. State-sponsored attackers are definitely a real issue, they definitely exist. Obviously, we have no idea how many there are in numbers, because countries try to keep it secret. Usually, when we see an attacker not go after money, it’s because they are state-sponsored and they are trying to get intelligence, they are trying to somehow harm their enemy countries. There have been a few rare cases where attackers just wanted to cause chaos and they were not looking for money, they were just looking for disruption, but usually it’s either money or state-sponsored.

What are your predictions for the near future in terms of ransomware?

Unfortunately, I don’t see the rate of cyberattacks slowing anytime soon, especially because the pandemic doesn’t seem to be slowing down. Until things get back to normal, all of these online services shift back to in-person, that attack surface for criminals will still be large, still big. More money is being spent online now than ever before, and that’s more and more opportunity for attackers to steal money. This is just my prediction: we are going to see more ransomware attacks, more phishing scams and ways of trying to trick people. Unfortunately, we are probably going to see even more creative variants of these attacks that somehow get worse and worse.

Maya Levine, technical marketing engineer at Check Point Software Technologies

Invisible to ransomware?

Paul-Emeric Willette is Vice President at a French startup Shadline, which, simply put, helps companies to get back to business faster after ransomware attacks

“Sometimes companies are in total blackout for days or even weeks after they experienced a ransomware attack. When it happens, everybody in the company panics,” Mr. Willette told CyberNews during the Web Summit 2020.

Therefore, he is trying to sell a platform that, in case of an attack, ensures companies’ access to communication and vital business data. By vital data, he means files and information that could ensure the continuation of business operations for the first days after the incident.

“We are not a backup solution, we are not going to backup all the data of the company. We save the company’s most vital data. We talk with our clients about the worst-case scenario and what data they absolutely need in the first week,” he told CyberNews.

Mr. Willette assured that because of the technology that Shadline uses, their data is invisible to ransomware.

“Our technology relies on encryption and file fragmentation. We have a specific technology that makes data that you store with us absolutely invisible to any malware like ransomware,” he said.

It’s not always easy to sell this service to companies that haven’t experienced a ransomware attack. Nethertheless, Mr. Willette says, businesses are becoming more aware of the possible risks, and are willing to invest more in cybersecurity.

Share41TweetShareShare

Related Posts

Teespring data leaked on hacker forum

8+ million Teespring user records leaked on hacker forum

25 January 2021
Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
MyFreeCams data leaked on hacker forum

MyFreeCams hack: 2 million user records stolen from top adult streaming site and sold on hacker forum

21 January 2021
Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Next Post
Facebook tracks ‘OceanLotus’ hackers to IT firm in Vietnam

Facebook tracks 'OceanLotus' hackers to IT firm in Vietnam

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    83034 shares
    Share 83024 Tweet 0
  • The ultimate guide to safe and anonymous online payment methods in 2021

    13 shares
    Share 13 Tweet 0
  • Facebook is tracking you: learn how to delete all Facebook data

    57 shares
    Share 57 Tweet 0
  • ProtonMail review: have we found the most secure email provider in 2021?

    69 shares
    Share 69 Tweet 0
  • Custom mechanical keyboards – 17 coolest ones we’ve ever seen

    442 shares
    Share 441 Tweet 0
Teespring data leaked on hacker forum

8+ million Teespring user records leaked on hacker forum

25 January 2021
Italy consumer association sues Apple for planned iPhone obsolescence

Italy consumer association sues Apple for planned iPhone obsolescence

25 January 2021
Google on laptop and mobile

Google vs Australia: The Battle of the Precedents

25 January 2021
Makers of Sophia the robot plan mass rollout amid pandemic

Makers of Sophia the robot plan mass rollout amid pandemic

25 January 2021
Elon Musk

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

22 January 2021
Is there life on Mars?

Is there life on Mars?

22 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!