Ransomware can affect any organization, large or small, including businesses, schools and educational facilities, hospitals and healthcare providers, government agencies, and non-profit entities. Further, cybercriminals who deploy a successful ransomware attack do so in phases, many of which require planning, stealth, and cunning.
There’s the initial step by which an attacker gains access to a network through phishing emails or some other form of compromise. There’s the analysis of an organization’s network and assets to see where it’s vulnerable. There’s the actual attack in which files are infected and encrypted to render them inaccessible.
Next, there’s the ransom notification that threatens the organization unless payment is made. There’s the wait to see if the criminals actually decrypt the data even if the ransom has been paid. And, increasingly, there’s a final step where the attackers publicly reveal the compromised data to further punish and humiliate the victim.
How widespread a problem is ransomware?
This question is difficult to answer accurately, according to SecurityHQ analyst Mohsin Khan Mahadik. That’s because many victimized organizations don’t report a ransomware attack for fear of losing money, business, or private data. Victims often just quietly pay off their attackers without notifying anyone. For 2019, Statista recorded a total of 187.9 million ransomware cases worldwide. But the actual number is likely far higher.