Criminals understand our weaknesses and how to exploit them. That means ransomware isn't going away.
Ransomware is rapidly shaping up to be the defining online security issue of our era. It's a brutally simple idea, executed with increasing sophistication by criminal groups. A huge chunk of our lives is now stored digitally, whether that's photos, videos, business plans or customer databases. But too many of us, both businesses and consumers, have been lazy about securing these vital assets, creating an opportunity which criminals have exploited.
Their brilliant twist was to realise they don't have to steal that data to make money: they just have to make it impossible for us to access it again -- by encrypting it -- unless we pay up.
Ransomware was once a menace mainly for consumers, but now it's a significant threat to business. Just last week, there were warnings about a new wave of ransomware attacks against at least 31 large organisations with the aim of demanding millions of dollars in ransom. The attackers had breached the networks of targeted organizations and were in the process of laying the groundwork for their attacks.
The vast majority of targets were household names, including eight Fortune 500 companies, tech security company Symantec said: if the attack (by a group calling itself Evil Corp) hadn't been disrupted, it could have led to millions in damages and downtime, with the impact felt through the supply chain. Some of the hyperbole around ransomware is overblown. It's probably over the top to describe these