The worst thing people can do for criminals is underestimating their power. That goes for the in-person kind and the cybercrime kind as well. In the early days of ransomware on the Internet, hackers targeted individuals through their phones, emails, or social media accounts. They would trigger the ransom note, demand a Bitcoin payment, and threaten to delete sensitive files if the demands were not met.
The thing is, criminals, overestimated how attached to their files people were, how few victims had even the faintest idea of how cryptocurrency worked, and how many were willing to negotiate with criminals.
In short, the hackers who went after individuals with ransomware often fell short of their marks, either because of technological deficiencies or because people couldn’t or wouldn’t pay the money.
Ransomware attacks hit a two-year low two years ago but are rising again as hackers take on a new strategy: attacking businesses.
Why Cybercriminals Target Businesses With Ransomeware?
On the surface, you would figure that businesses have much better security systems than the average person, but it turns out that is a fallacy of logic. Small-to-medium-sized companies and startups often scrimp on security or go into business with the strategy that they don’t need protection because no one knows about their company yet, or no one would want to attack it because it has little in the way of assets.
This is precisely the sort of poor logic that hackers prey on. They routinely checklists of newly acquired domains and then wait them out until they are up and running to try an attack.
More considerable, more established businesses are often targeted just after operating systems or anti-spyware software warn of security holes and send out patches and updates. Laziness is one of the most significant contributing factors to malware getting on company computers. If IT departments do not ensure that everyone follows proper Internet security protocol, it provides a window of opportunity for hackers to move malware through exposed systems.
The third component is that businesses are more at risk of losing vital information than the average person is. If the only things on your personal computer are family photos and your MP3s, are you going to figure out how to pay $650 in Bitcoin to some random criminal who may or may not return access to you?
But business networks have proprietary information, employee personal information, financial information, and much more that easily carries a higher price tag. If a company’s IT department can’t walk back the ransomware and find a system reboot point, then paying the ransom becomes a very viable option for most C-suite-level employees.
The Bottom Line On Cyber Warfare
Most businesses don’t realize the value of compelling anti-ransomware solutions until it’s too late, which is ironic given that the relatively low cost of the software is much less expensive than trying to pay your IT staff overtime to fight through the malware or biting the bullet and paying the ransom, with no guarantees of it working.