As the media often likes to point out, we have found ourselves in unprecedented times. While there have been many pandemics throughout history, our daily lives have significantly changed since then, so the COVID-19 pandemic has brought many unknown and unexpected situations, such as work from home, online learning, and wearing masks everywhere and more. While many struggled to adapt, some businesses boomed, and not all of them were legal. In this article, we explain why ransomware attacks will explode in 2021.
A perfect example is cyber criminals, who suddenly had much more material to work with, considering that millions of people were working from their home computers now, and those might not have been as protected against cyberattacks as the ones in a company’s offices were. Ransomware attacks skyrocketed in 2020 (up to 900% compared to 2019), putting people, companies, and sometimes even entire countries in danger. Ransomware is a type of cyberattack done using malicious software that infects a computer and quite literally demands a ransom to let the owner reaccess it. Ransomware can block your entire computer off, and password protect the files it deems valuable, or cause many similar troubles and inconveniences.
As the pandemic continues in 2021, it seems inevitable that cybercriminals will keep adapting and improving in evading the measures to protect the computers and other IoT (Internet of Things – any electronic device that can access the internet) devices. This also means that there is no doubt that the number of ransomware attacks will not go lower, quite the opposite. This can be very dangerous, as, as already mentioned, ransomware can target an entire country, sometimes even putting people’s lives at risk.
An obvious target is, of course, big companies, and they have indeed been attacked quite often, ranging from tech companies such as Garmin to companies belonging to any other sphere of life. Such as camera and optics manufacturer Canon or data processing firm Equinix. One could say cybercriminals are not too picky when it comes to their victims. Anyone that might have money is a fair game.
Ransomware on health and education
Unfortunately, ‘anyone’ also means that the criminals most commonly do not have any morals and are ready to attack health and education sectors, knowing their importance. For example, it is already suspected that a computer virus has caused at least one patient in Germany. It is almost surprising that the number is not much higher, as cybercriminals do not shy away from targeting hospitals. As mentioned already, the situation is similar, although certainly less bleak, when schools had to adapt to online learning. In the first half of 2020, the ransomware attacks on primary and secondary schools in the United States accounted for 28% of all the ransomware attacks. However, as the new school year started in September, the number doubled to 57%, showing that cybercriminals know exactly what they are doing. Of course, the situation is not limited to the United States, as similar attacks have been happening worldwide.
While ransomware is usually used to extort money from the victim, it has also been used to sell data obtained through an attack or access to compromised networks and organizations on the dark web leak sites. This, of course, opens an entirely new world of dangers coming with us into 2021. Another thing that has been noticed is cybercriminals performing attacks seem to be sharing the code used between themselves. They are organizing themselves into larger groups and are working together.
Another very telling thing is that before the pandemic, the average ransom payout had been around $80,000. However, during 2020, that number jumped to over $200,000, showing that ransomware gained more power with our lives’ changes.
As cyber criminals adapt and move forward, so must we. It is more important than ever for all of us to take all the precautions to prevent becoming victims of a ransomware (or any other) attack. Both by protecting the IoT devices, we use personally and professionally and educating ourselves and the people around us on cybersecurity matters, including ransomware.