Sophos CEO sounds the alarm on enterprise ransomware attacks
Ransomware is increasingly becoming a problem for companies, and the CEO of a leading computer security company says he fears 2017 could see entire companies shut down until they pay up, or risk losing all their data.
Ransomware works by infiltrating a computer with malware and then encrypting all the files on the disk. The user is presented with a limited time offer: Lose all your data or send money with the promise your data will be unlocked. The fee typically varies from a few tens of dollars to hundreds of dollars and often has to be transmitted in Bitcoin.
The problem began on a fairly small scale, targeting individual users, but has been growing. Last year, a hospital in Los Angeles admitted to paying $17,000 to get its system unlocked, and a report in October said ransomware cases were on course to quadruple in 2016 over the previous year.
But Kris Hagerman, CEO of Sophos, fears this is only the tip of an iceberg.
“It’s not inconceivable you could see a bank get targeted and they could say I want $10 million overnight or I’ll delete your files,” he said in an interview at the RSA security conference in San Francisco.
Ransomware presents companies with an extra level of complexity: a ticking clock that provides only a limited amount of time to try to disable the attack and retrieve data or risk is all being lost.
“It can bring an organization to its knees,” he said. “There are plenty of organizations that are not up to date in their backups and have not taken the full comprehensive approach to security to be able to combat this thing.”
One of the things making matters worse is the proliferation of websites that offer attack tools to anyone with a credit card.
“Today, you can be a very successful cybercriminal and not know a single thing about computer code,” he said.
Some even offer a money-back guarantee, if would-be criminals are not completely satisfied with the results, said Hagerman.
Sophos sees a stunning 300,000 to 400,000 unique pieces of malware each day running through its systems, and each of those presents a potential problem for companies that don’t have the right defense.
And at the end of the day, it’s all about building a high enough wall that cybercriminals go elsewhere, said Hagerman.
“The way that you really fight cybercrime is you make it more expensive for them,” he said. “When it becomes hard and less profitable, they take their advanced skills and do something else.”
Hagerman said laws against cybercrime had a limited effect because of the problems with identification and pursuit, especially across borders.
“For [criminals], it’s an ROI as well,” said Hagerman. “If you make it harder, they’re going to find another target or find another line of work.”