Since the beginning of COVID-19, the frequency of ransomware attacks has risen 400%. Criminals are taking advantage of the increased vulnerabilities caused by remote work. The more software and networked devices a business has to protect, the greater the chance their security systems will falter. The growth of ransomware as a service has allowed cyber crime to grow beyond a group of talented hackers. “Gangs” provide easy to use malware to criminals in exchange for a 20 or 30% cut of the ransom. With payouts from businesses in the millions and low chances of being brought to justice, cybercrime has grown more lucrative than ever.
Just like the coronavirus, ransomware is a global disease. The infection progresses in 3 stages. First, crypto ransomware encrypts files and denies access to users. Then, malicious actors demand ransom payments in exchange for the decryption keys. When a business caves and pays ransom in the third step, they are forced to use anonymous cryptocurrencies such as Bitcoin. Common strains of ransomware include WannaCry, which has affected 125,000 companies in 150 countries, and Ryuk, which was responsible for ? of all ransomware attacks in 2020.
Just like businesses were not prepared to handle COVID-19 outbreaks, most are not prepared for a ransomware outbreak at their workplace. The majority of companies have an IT security budget of less than $10,000, nearly 10 times less than what the average cybersecurity engineer makes in a year. This means businesses are either not willing or not able to pay the salary of a human tech expert ro can keep their company safe from ransomware. The problem is especially apparent in small and medium businesses. 6 in 10 of SMBs lack a policy on what to do if they are targeted with a cyber attack, let alone the funds to retain cybersecurity expertise in house. While cybersecurity is a growing field, it is not growing fast enough to keep up with the need for such skills.
Can cybersecurity technology close the gap? Not entirely. Human attackers launch more sophisticated attacks every year. Artificial intelligence programs are developed using last year’s attack patterns. Responding to evolving threats
requires human expertise. AI solutions are not yet adaptable enough to serve in the long term.
Even in current conditions, AI solutions alone are not foolproof. Instead, they are prone to explosions of false positives and excessive alerts that annoy the business employing them. If employees learn to ignore their cybersecurity software, they run the risk of missing a real threat. Even so, the average person received 63.5 notifications every day. There isn’t enough time in a day for them to work through all the alerts on top of their regular jobs. Cybersecurity is supposed to let humans know what to trust. If it fails to do that, then it is not worth the investment.
Human experts need to work alongside technology to mount an effective cyber defense. Trained analysts have an advantage when it comes to detecting and responding to ransomware. They have the know-how most humans lack when it comes to weeding out false positives from alerts. Furthermore, they can see the context, relevance, and attack motivations that a software program would be blind to. Adding human cybersecurity experts to the team brings the best of both worlds together. Criminals are bringing their best to the table. If businesses are intent on stopping them, they must make similar investments in their infrastructure.
When cybersecurity matters are taken care of, employees can do what they were hired to do. Businesses can function as desired. Everyone benefits from peace of mind.