Organizations worldwide brace for second round of ransomware attacks

Organizations around the world are bracing for more ransomware attacks this morning as workers return to their jobs to begin a new workweek.

While there was some relief over the weekend from the wide-scale ransonware attacks of Friday, thousands of computers are still vulnerable and they could help spread a new wave once booted-up and logged on.

Friday's attacks were called the largest scale of ransomware attacks ever, and cybersecurity experts were anxiously waiting to see if today would begin a second round.

Ransomware attacks continue to be on the rise, with 47 percent of organizations now saying they suffered a ransomware incident in the past 12 months, but these attacks are also becoming more sophisticated and potentially destructive.

According to a new study by Barracuda Networks, the ransomware problem has become so great that the vast majority (92 percent of those polled) said they are concerned about ransomware hitting their organization.

“Ransomware is undeniably the most successful and profitable style of attack for cybercriminals. It is estimated that last year alone, ransomware scams cost victims nearly $1 billion worldwide,” the study notes.

But there are also changes going on in the types of ransomware attacks being experienced that are especially worrisome.

“The ransomware attacks we’ve seen recently represent an even bigger threat: instead of collecting your money and then leaving your organization alone, some new variants are known to destroy your data as opposed to encrypt with no means of recovery,” explains Hatem Naguib, senior vice president and general manager of security at Barracuda. “Which leaves us wondering what the next evolution could bring. Could it be a new tactic where the victim is forced into making ongoing payments to keep their data available known as ‘protectionware?”

The impact of these attacks is far-reaching, Naguib stresses.

“It’s not just your hard-earned money that is at risk, it is also your reputation, viability and jobs,” Naguib says. “These impacts can be devastating, especially for a smaller business that may not have resources in place to quickly recover.”

Organizations should never assume they are not attractive targets because they are small, Naguib stresses.

“A common misconception is that small and midsized businesses think they are unattractive attack targets and by default, safe,” Naguib says. “In reality, these organizations are often more prone to attacks as they’re assumed to have fewer staff, technology and resources to combat targeted attacks.”

For reprint and licensing requests for this article, click here.