What is a ransomware attack and how often do they happen?
Ransomware is not a new security threat. In fact, the first was orchestrated in 1989, with its proceeds allegedly going to charity. In the past five years, however, ransomware has hit headlines across the globe. Attacks, experts say, are becoming more sophisticated, more harmful, and more frequent.
In its base form, a ransomware is a type of malware designed to lock a user out of their files – typically by encrypting them with a key only the attacker knows. The methods to achieve this, however, are constantly evolving.
The notorious WannaCry ransomware is perhaps the most successful example of this. It made use of an exploit discovered by the United States’ NSA to achieve an unprecedented level of spread. It successfully hit the NHS, FedEx, and more, expanding through their network automatically to lock as many computers as possible.
Since the success of WannaCry, there has been an explosion in the number of ransomwares, some of them using similar techniques and others creating new ones. The highly-sophisticated Ryuk has had particular success in recent times, combining a credential theft trojan with manual intervention to strike swiftly across the entire network.
According to a recent SonicWall study, the number of new ransomware variants is only growing. It noted a 46% increase in new strains each year, with Ryuk accounting for a third of all attacks.
So, how high is the threat to UK businesses right now? A report by Check Point suggests higher than ever. Ransomware attacks in the UK jumped by 80% in Q3 2020 as attackers looked to exploit mass remote working. Worldwide, it says, a new organization becomes the victim of ransomware every ten seconds.
Further, the number of so-called “double-extortion” ransomware attacks are increasing. Attackers are not only threatening to lock enterprises out of their data – they also say they’ll leak it if they don’t pay up. Nearly half of all attacks used this method in Q3 2020, making it a significant and developing risk.
Protect against ransomware with Acronis Cyber Backup
With this increased threat, businesses stand to lose even more should they fall victim to a ransomware attack. As well as the weeks of downtime ransomware can bring, improper protection can lead to leaks of confidential documents and intellectual property.
As a result, solutions like Acronis are becoming all but essential. Acronis Active Protection uses heuristic analysis to detect known and new ransomware and stop it in its tracks. By constantly monitoring machines, it’s able to suspend a ransomware’s activities and restore a version of the file from moments before.
Acronis further safeguards local and cloud backup files. With active monitoring of local files, it can prevent backups from being modified. Backups in the Acronis cloud, meanwhile, feature strong end-to-end encryption and only allow modification by authorized Acronis agent software. Protection applies even if the ransomware tries to overwrite the Master Boot Record (MBR) or tries to attack the Acronis software itself.
These benefits are only available because Acronis Cyber Protect is able to combine sophisticated backup systems and advanced anti-malware protection into a single solution. The fact that it manages to do this seamlessly makes it uniquely positioned to protect enterprises from Ryuk, WannaCry, and the attacks of the future.