Ransomware, specifically cryptographic ransomware, has quickly become one of the greatest cyberthreats facing organizations around the world. This criminal business model has proven to be highly effective in generating revenue for cyber adversaries in addition to causing significant operational impact to affected organizations. It is largely victim agnostic, spanning the globe and affecting all major industry verticals. Small organizations, large enterprises, individual home users – all are potential targets.
Ransomware has existed in various forms for decades; but, in the last three years, cybercriminals have perfected the key components of these attacks. This has led to an explosion of new malware families that have made the technique more effective and drawn new malicious actors into launching these lucrative schemes.
- The financial impact of ransomware is enormous, with several high-profile infections leading to millions of dollars in ransom paid to attackers.
- Ransomware is one of the few cybercriminal business models where the same attack could harm a Fortune 500 company, a local restaurant down the street, and your grandmother.
- The cryptocurrency Bitcoin has provided a payment mechanism that is fueling the success of this scheme. The payment mechanisms that early forms of ransomware relied on have been shut down or forced to regulate their payments, but Bitcoin has no central authority against which law enforcement can take action.
- Thus far, ransomware attacks have primarily targeted Windows-based systems, but adversaries have begun branching out to target other devices, such as attacks against the Mac® OS X® operating system.
- Until organizations around the world adopt a prevention mindset, and stop paying ransoms to retrieve their data, this criminal scheme will continue to threaten all Internet-connected devices.