Ransomware attacks are on the rise, with threat actors having extorted around $449.1 million so far in the first half of 2023 – making it $175.8 million more than in 2022.
According to blockchain analysis firm Chainalysis, ransomware is the only cryptocurrency-based crime on the rise, while other types of threats, including different malware, scams, hacks, fraud shops, darknet markets and more, have seen a significant decline.
If the amount of successful ransomware payments continues, cybercriminals are expected to extort $898.6 million from victims in 2023. This will make it the second-biggest year in ransomware payments, following the $939.9 million stolen in 2021.
Despite ransomware revenue falling in 2022, the form of cybercrime is quickly on the rise again. Both big and small ransomware payments have increased, meaning large-scale companies and individuals are at risk.
“For one thing, big game hunting — that is, the targeting of large, deep-pocketed organizations by ransomware attackers — seems to have bounced back after a lull in 2022. At the same time, the number of successful small attacks has also grown,” Chainalysis explains.
There are several notable ransomware strains used for big and small attacks, with threat actors using them to request payments of different amounts from victims. Check out the culprits and what to beware of below.
|Average Payment Size in 2023
Basic strains, including Dharma and Phobos, mainly target smaller individuals and are primarily used in widespread attacks. These can be found in simple phishing email campaigns to affect as many users as possible. As for the more high-level strains, such as BlackBasta and Cl0p, these target more significant organisations, asking for millions to be paid due to confidential company information being stolen.
According to the report, both types of strains have been more active compared to last year. With ransomware seeing an uptick in 2023, it’s a good idea to understand this type of malware and how to defend yourself against it.
What is ransomware?
Ransomware is a type of malware that cybercriminals use to restrict access to files on a victim’s device, encrypting user data and demanding a ransom payment in order to gain access to them. If users don’t comply, these hackers will threaten them by leaking personal data they’ve locked down. It’s like someone changing the lock on your door, making new copies of a key, and asking for an outrageous sum of money to gain access to your property again – or they’ll sell off everything you own.
If a ransom is paid off, hackers will release the decryption key for users to gain access to their files again – or so they say. Furthermore, threat actors will make large claims that they haven’t just locked your files but have also obtained sensitive information on your device (a.k.a data theft), convincing users they can easily leak your data online. However, they may not have this data at all; cybercriminals are just bluffing their way to stealing your hard-earned cash.
These fear tactics convince victims that they must fork over a specific ransom, but these hackers may not give you access to your files once you’ve made the transaction, and they may not even have your data at all. This is why it’s important to never comply and to make sure you have the right ransomware protection so you’re never in this position in the first place.
How to stop ransomware
The problem with ransomware is that it’s tricky to get rid of. Even Bitdefender’s Director of Threat Research states that “ransomware is irreversible.” However, this doesn’t mean you can’t be prepared, as there are ways to block and prevent your data being taken.
The most important step in keeping your data safe is to have a backup of your files. This can be through Apple iCloud, Google Cloud Storage, Microsoft OneDrive or any app that lets you keep your important data safe. In the case of a ransomware attack, your files will be easily recoverable since they’ve been backed up. They may not be as up to date, but at least you’ll have access to them.
Use an antivirus to block ransomware
Providers such as Bitdefender, Norton 360 and Malwarebytes have excellent detection and protection rates that defend against all forms of malware, meaning they can block and get rid of ransomware before it gets its hands on your personal files. They also analyse and scan through malicious websites and emails to make sure you don’t mistakenly download ransomware in the first place. Furthermore, some subscription packages come with 100GB of cloud storage, which is perfect for stopping hackers keeping your private data hostage.
For a better look at different antivirus software and which is the best for you, check out our reviews:
Use ransomware protection
Windows 10 and Windows 11 come with ransomware protection as part of Microsoft’s Windows Security suite. It’s a handy security tool that restricts applications from accessing, changing or encrypting the files in specific folders. This is key in defending against malware such as ransomware, as it prevents hackers from sneaking their way into folders to steal and lock down your private data.
You just need to turn on Controlled Access. You can find out how to turn on your PC’s hidden ransomware protection, and you can find a brief guide below:
- On your device, type in “Virus & threat protection” in the search field located on the taskbar.
- Select Virus & threat protection.
- A window will pop up. Under Virus & threat protection settings, select Manage settings.
- On the next page, make sure to turn on Real-time protection.
- Scroll down and select Manage Controlled folder access.
- Switch in Controlled folder access.
With this turned on, key folders such as Windows system folders, your default documents and pictures folders with be protected by default. You can add more trusted folders to protect by selecting Protected folders > Add a protected folder.