Modern ransomware and its evolution

Posted by Branden Wallace & Rob Hinschberger, Advanced Office Solutions 19-03-2021 02:16 PM

In September 2020, The Government of Canada released a bulletin titled “Modern Ransomware and Its Evolution” alerting SMB’s across the nation of a drastic increase in external attempts to extort and withhold critical data / infrastructure from a diverse set of local industries. The ten-page document highlights the evolution of ransomware and the threat it poses on the business community.

Ransomware damages
Ransomware is defined as “a form of malware that uses encryption to disrupt information technology (IT) systems, typically to impede organizational functions that depend on having unfettered access to data”.

In 2019, the city of Woodstock in Ontario incurred over $660,000 in damages after refusing to pay its attackers.

  • Ransomware researchers estimate that the average ransom demand increased by 33% since Q4 2019 to $111,605 in Q1 2020 .

The result being a demand of electronic payment to decrypt data and restore business services. A common misconception of Canadian SMB’s is believing a hacker would not target their business as they believe they are “Too Small”, we are witnessing the exact opposite to hold true in the marketplace.

Hackers are using methods called phishing attacks, a tactic where every door, window and access point is checked for vulnerability to see if one can easily be opened. SMB’s leave themselves vulnerable to these attacks due to but not limited to:

  • Lack of IT related safety infrastructure (Business class servers, firewalls, data backups, etc.).
  • Absence of completed network vulnerability scans or network assessments.
  • Insufficient internal/external IT support.

In the bulletin, it was noted that Canada ranks among the top countries impacted by ransomware. Nine different key ransomware variants and operations were highlighted and while ransomware has appeared since 1989, it was not until 2013 when Russian cybercriminal Evgeniy Bogachev introduced “CryptoLocker” that IT ransomware concerns were brought to the forefront of SMB’s around the globe.

What to do to avoid the worst?
Now, you might be wondering what you can do to keep your business secure in the long-term?

  • Be proactive, don’t bluff off this reading or the latest ransomware attack and think “that would never happen to us!”
  • Investigate the last time you conducted an audit of your network security. If you outsource your IT operations, ask them for a detailed report along with an executive summary of your current infrastructure and assets.

Empower yourself and your business, do not be afraid to ask the tough questions and be curious!

We believe in a Relational vs. Transactional approach with customers to ensure the proper layers of support are in place. The investment in your IT infrastructure should yield visible success, return and increased peace of mind.

Branden Wallace & Rob Hinschberger, Advanced Office Solutions.