What’s new in ransomware?

Ransomware attacks, and defenses against them, are evolving fast, but enterprises still struggle to keep up.

In June, South Korean hosting company Internet Nayana, Inc., was hit by a ransomware attack that took down its 153 Linux web servers, home to more than 5,000 customer websites. "I know that negotiations with hackers should not be done," company CEO Hwang Chilghong said in a statement. "I would not negotiate with a hacker if it was the case that it ended in the damage of my own company alone. However, the scale of the damage was too great and too many people would suffer."

The company wound up paying nearly 400 Bitcoin to get its data back, which at the time was more than US $1 million. That was just part of the total costs the company incurred. In addition to the time and money spent on the recovery, the company had to give discounts and refunds to affected customers. Not all data could be restored, and the company promised affected customers free hosting for life.

Nayana isn't alone. Earlier this month, shipping giant Maersk said that a ransomware attack got into the company's systems via an automatic accounting software update. The cyber attack affected users and applications in 500 locations, the company says. While no data was lost, the recovery and loss of revenues are estimated to cost Maersk between $200 and $300 million.

And in a July earnings call, global pharmaceutical giant Merck admitted that a ransomware attack the previous month disrupted worldwide operations, including manufacturing, research and sales, and that some manufacturing operations still weren't restored.

Altogether, more than a million computers were infected by WannaCry, Kryptos Logic CEO Salim Neino told Congress earlier this summer. According to Cybersecurity Ventures, global ransomware costs will exceed $5 billion this year, up from just $325 million in 2015.

The reason? The attackers, seeing the potential for massive payouts, have been innovating furiously. The security industry has also been working hard to improve defenses, but it's hard for individual enterprises to stay up to date. As a result, the situation is likely to get worse before it gets better, experts say.
