Hackers devise ransomware campaigns to target large corporations and institutions, and encrypt their data to demand specific ransom. As reported, an average ransom collected from each locked system could be anywhere between $500-$1000. With time the ransom amount is seeing an upward rise.
WannaCry: a successful ransomware campaign that disrupted banks and enterprises primarily in Ukraine, but later infected organizations in Europe, the UK, the US, and India. As per a report, WannaCry ransomware affected over 230,000 systems around the globe across 150 countries. The economic losses resulting from the attack were about $4 billion making it the largest cyber catastrophe ever.
Also, with GoldenEye ransomware the cyber world witnessed a second wave of ransomware attacks with losses over tens of millions. If one looks at the history of the past few years, it is crystal clear that ransomware are here to stay. Thus, it becomes essential for companies to self-assess and find vulnerabilities so that they’re not surprised with another horrifying event. Here, we list the most probable reasons for successful attacks.
The primary reason for those deadly ransomware attacks was due to the now-obsolete Windows XP operating system-based computers that were left unpatched. Although Microsoft had released the SMB vulnerability update, lots of enterprises were either unaware or laid back. Because of which, the systems were left vulnerable to ransomware attacks.
No regular backups
When a ransomware encrypts the data on the computer, the user has the option to restore data from backups and get rid of the malware. However, the only problem was, there were no backups taken to restore. Organizations did not save their data at regular intervals which led to a do or die situation: either lose the data or pay the ransom. Several organizations chose the latter.
Hanging on to legacy software
Microsoft announced a couple of years ago that it would completely stop the tech support to Windows XP in a move to phase out the software from the market. However, several users hung on to the legacy software primarily to save migration costs. Ironically, they ended up paying anyway when attacked by ransomware. Had they migrated to newer versions of Windows, the impact could have been negligible.
Probably, this reason was the root of all problems. Had enterprises been using genuine software, they’d have received timely updates, which in turn could have shielded their data against WannaCry or Petya, and the impact of these ransomware would have been unnoticeable. Unfortunately, some of the organizations--especially--from the developing nations used pirated operating systems causing serious damage to their reputation and economy.
All these reasons collectively convey one thing: keep your OS fully updated. One of the main reasons people still get affected by such hacker attacks is the fact that they are not updating their operating systems. Some businesses still make the excuse of being not able to afford downtime, but now we know the opportunity costs are bigger. In addition, a solid endpoint protection system is a must before you even connect your system to the network.