We live in the age of do-it-yourself projects. Whether you need to plan a wedding or retile your bathroom floor, there’s almost nothing you can’t do by just Googling it. This includes cybercrime and, more specifically, ransomware.
Since the first modern ransomware attack in 2013, the number of attacks have grown exponentially. Researchers saw a 13 percent increase in ransomware attacks month-on-month in 2016, with 91 percent of IT service providers reporting they assisted ransomware victims. These malicious attacks are becoming easier than ever for cybercriminals to launch. Today it’s not just those “Russian hackers” leaving companies and individuals in distress.
In 2015, one dark hacker website launched Tox, a free ransomware kit which required next to no technical skills to run and could be set up in three simple steps. More recently, Krebs on Security ran an article about Philadelphia, a “ransomware-as-a-service crimeware package.” For just $400, future cybercriminals gain access to everything they need to start launching malware campaigns around the world, including PDF reports and malicious software. These are just a few of the many DIY ransomware kits aspiring cybercriminals can have up and running within the afternoon.
As ransomware becomes available to even the most novice hacker, threats are expected to be more likely than ever. Unfortunately, there’s very little businesses can do to push back against the rise of ransomware. Entrepreneurs can only hope to protect themselves by making sure their teams are aware and alert of the dangers and particularly vigilant of suspicious emails. Businesses must also check that their data protection system is providing regular backups, and that they have an incident response plan ready to recover systems in the increasingly likely event of a ransomware attack.