Last year saw a hike in not just the number of ransomware cases, but also in the variations of a ransomware attack. Out of the chaos of rising ransomware attacks, a prominent type of ransomware, coined as Ransomware 2.0 came to be established. Also called popularly as a triple extortion ransomware, Ransomware 2.0 adds another spoke in the wheel: data theft.
How does it work?
While traditional ransomware attacks relied on just encrypting the files on the victim’s system, and then demanding money in return for the decrypting key, this new strain withdraws all data from the system to the hackers, before locking the victim out of their own machine.
The stakes have suddenly become monstrous.
Even before, there was no guarantee that the hacker would give back control once the payout was made. Now, with Ransomware 2.0, there’s another fear: what if the data is misused later or sold to ill-wishers? Even if you regained control of your locked system, nothing stops the hackers from going ahead and causing trouble later.
Analysis of the attacks
Security agencies working closely on preventing ransomware 2.0 recorded a walloping 1893% rise in Ransomware 2.0 attacks around June-July 2020.
The ongoing pandemic conditions were shamelessly exploited. Asia-Pacific regions (including South Korea, Taiwan, and Hong Kong) were found to be the hottest targets. Two malicious hacker groups, REvil and JSWorm were the brains behind this ransomware variant resurgence.
Another valuable input received from the reports on this new strain of ransomware was the segregation of victims into groups based on the industry. A majority of the ransomware 2.0 targets belonged to Engineering and Manufacturing (30%). This was followed by Finance (14%), and then Professional and Consumer Services (9%). Legal, IT and Telecommunications, and Food and Beverage industries received equal attention at 7%.
Preventing Ransomware 2.0
Ransomware 2.0 is no doubt deadly. It is a ticking time bomb. It is one thing to be worried about regaining access back to your enterprise systems, but quite another to be constantly worried whether the stolen sensitive data will be misused at a later point in time. Not only is it a threat to your organisation but it is also a potential hazard to your brand reputation.
Following is a list of services and resources we have compiled that can help you deal with Ransomware 2.0 effectively:
- Fortify your email security: email is the gateway to phishing and ultimately to ransomware. Block phishing attempts at the door, using our advanced email protection software.
- Protect against ransomware with DMARC.
- Follow these 10 steps for ransomware protection.
- Spot and prevent phishing attacks.