Years ago, this malware was hitting millions of personal devices worldwide. A gloomy pop-up would block your screen, announcing that all your files (and even your hard drive) have been encrypted. Only the hacker has the key to decrypt them again… in exchange for a crypto payment, of course. That’s ransomware, and now it’s mainly affecting institutions and companies.

According to Chainalysis, these attacks amassed $457 million in 2022. That’s a decrease of 40% rispetto to 2021, but it’s hardly good news. As more victims are refusing to pay, ransomware attacks are becoming more vicious, targeted, and expensive. The average ransomware attack is now costing over $1 million.

Besides, data exfiltration is now common: if the company/organization refuses to pay, the hackers may publish or sell their private data on the Darknet. As indicated by Blackfog, around 89% of all attacks are involving data exfiltration. This is especially bad for companies, which can lose a lot of money with their secrets.

Institutions most targeted by ransomware in 2022. By Blackfog

So far, the most affected countries seem to be the United States, Canada, and the United Kingdom. At the same time, the data is mostly exfiltrated to China and Russia. For Immunefi, around $70 million in ransomware payments were made in Bitcoin (BTC) in 2022. Other cryptocurrencies, like Ethereum (ETH), Monero (XMR), and several stablecoin were common as well.

To cash out the gains from ransomware to institutions, the hackers use fake IDs in centralized exchanges like Binance or go to lesser-known and sanctioned platforms, such as Garantex.io. In theory, cryptocurrencies come Bitcoin can be traced, but that doesn’t matter if the exchanges don’t cooperate. Usually, hackers take refuge in jurisdictions where international sanctions are avoided, like North Korea, Iran, and Russia.  

How institutions can protect against ransomware

It’s always important to keep the basic security measures: antivirus platform, data backups, official websites, and strong passwords. In addition, firms like Immunefi have made some additional recommendations.

  • Prepare a data recovery plan (and budget) in advance. In addition to the backups, there are also other companies offering cybersecurity insurance for these cases.
  • It’s not advisable to pay the ransom. Cybercriminals may not comply with their word at all and sell the data anyway. A white-hat hacker can be of great help, as well as sites like Niente più riscatto —where a group of experts publishes decryption tools for numerous ransomware variants.
Some ransomware variants decrypted in No More Ransom
  • Provide cybersecurity training to all employees. People are always the weakest link in the chain. They can be deceived easily via mail or phone, when not trained.
  • Besides the antivirus, other security systems could be useful too. AntiSpyware, Anti-Ransomware, Anti-Phishing, Intrusion Detection & Prevention Systems (IDPS), and Firewalls are some examples.

Government branches, schools, hospitals, and all kinds of brands are being targeted by this malware globally. It’s very important to take action now.


Wanna trade BTC, ETH, and other tokens? You can do it in modo sicuro su Alfacash! And don’t forget we’re talking about this and many other things on our social media.

Telegramma * Facebook * Instagram * Youtube *Twitter

Author

Sono un professionista della letteratura nel mondo delle criptovalute dal 2016. Non sembra molto compatibile, ma da allora ho imparato e insegnato su blockchain e criptovalute per portali internazionali. Dopo centinaia di articoli e contenuti diversi sull'argomento, ora puoi trovarmi qui su Alfacash, lavorando per una maggiore decentralizzazione.

Italiano
Exit mobile version