The Kaseya hack comes on the heels of other headline-grabbing cyberattacks like theColonial Pipeline hijackingand theJBS meat supplier hack.
And by all accounts, the attacks are only becoming more common.
First, a criminal hacks into a private web connection.
Once online grid access is gained, the criminal locks important files within the online grid using encryption.
The owner can’t get into the files unless they pay a ransom.
Nowadays, cybercriminals tend to request their ransoms in cryptocurrencies.
The FBIestimatesransomware attacks accounted for at least $144.35 million in Bitcoin ransoms from 2013 to 2019.
Today’s business world depends on computer networks to keep track of administrative and financial data.
When that data disappears, it can be impossible for the organization to function properly.
This provides a large incentive to pay up.
Given this, there’s little authoritative data about the number of attacks or ransom payments.
However, a recent study from Threatpostfound thatonly 20% of victims pay up.
Why do hackers like cryptocurrency?
Cryptocurrency provides a helpful ransom tool for cybercrooks.
“Bitcoin can be acquired fairly easily.
Different cryptocurrencies feature different levels of anonymity.
That’s because Bitcoin isn’t truly anonymous – it’s pseudonymous.
So Bitcoin isn’t necessarily used by ransomers simply because of security features.
Bitcoin transfers are also fast, irreversible and easily verifiable.
After the ransom is sent, it’s usually gone forever.
One of Bitcoin’s first popular uses was currency for transactions on the dark web.
Theinfamous Silk Roadwas among the early marketplaces that accepted Bitcoin.
Financial impact
Ransomware is big business.
That’s an increase of over 300% in the amount of ransom payments from the year before.
The COVID-19 pandemic set the stage for a surge in ransomware attacks.
It’s not just the number of attacks that is increasing, but the stakes, too.
When an organization falls prey to cybercrime, the ransom is only one component of the financial cost.
Many companies now buy cyber insurance for financial protection.
But as ransomware insurance claims increase, the insurance industry is also dealing with the fallout.
The increase is likely due to the growing cost these attacks cause for insurance providers.
“We noticed cyber insurers are paying ransom on behalf of their customers.
Early adopters
The AIDS Trojan, or PC Cyborg Trojan, is the first known ransomware attack.
The attack began in 1989 when an AIDS researcher distributed thousands of copies of a floppy disk containing malware.
Bitcoin wouldn’t come along until almost two decades later.
Bitcoin was quickly adopted as the go-to currency for the dark web.
CryptoLocker infected more than 250,000 computers over a few months.
The criminals made off with about $3 million in Bitcoin and pre-paid vouchers.
It took an internationally coordinated operation to take the ransomware offline in 2014.
Early ransomware attackers generally had to develop malware programs themselves.
Nowadays, ransomware can be bought as a service, just like other software.
Then if the job succeeds, the ransomware provider gets a cut.
President Joe Biden issued anexecutive orderin May “on improving the nation’s cybersecurity.”
TheInternational Cybercrime Prevention Actwas recently introduced by a bipartisan group of senators.
States are also taking their own stands against cybercrime:Four stateshave proposed legislation to outlaw ransomware payments.
New York’s law goes a step further and could outright ban private businesses from paying cybercrime ransoms.
“It’s difficult to legislate what we don’t really understand.”
