Incidents of ransomware attacks against organizations have reportedly been on the rise during 2020. Ransomware attacks occur when cybercriminals intentionally place malware on the victim's computer, encrypt the victim's files, then demand monetary payment in order to resolve the issue. In many contexts, ransomware attacks can be seen as acts of cyberterrorism.
Although any individual or type of business can be a potential victim of a cyberattack, hospitals and healthcare providers have seen a particular surge in cases recently. The first half of 2020 alone saw 41 hospital and healthcare organizations fall victim to ransomware attacks.
The recent uptick in ransomware attacks can be seen in part due to the COVID-19 remote work environments, with individuals experiencing more potential risk with cybersecurity while working from home.
Researchers predicted that COVID-19 remote work sites would "set the scene for an explosion of ransomware incidents." Considering the heightened level of recent attacks, that prediction appears to be coming true. Unfortunately, the problem of ransomware and remote work may not go away easily, either. Based on estimates by Global Workforce Analytics, "25-30% of the workforce will be working-from-home multiple days a week by the end of 2021."
In the last year, an alarming 51% of businesses have been affected by ransomware in some way.
At the same time, there may be more at play with the increase in attacks than complications related to changes in work structure during the pandemic, especially considering inevitable technological advances over time that allow for more sophisticated cybercrime. While there has been a recent increase in incidents, there's been a long history of ransomware even preceding the pandemic.
The first documented ransomware attack occurred in 1989. After that, ransomware was less common during the 1990s. Since the mid-2000s, ransomware became more prominent and has remained a threat since. In 2017 alone, for example, victims lost over $2.3 million in 1,783 ransomware incidents as disclosed by the FBI. In comparison, credit card fraud accounted for $57.8 million in losses that same year.
Any victim of an "online or internet-enabled crime," which would include a ransomware attack, should file an immediate report with the Internet Crime Complaint Center (IC3), according to the FBI. This can be done here.
Popular cybersecurity companies include: Blackberry (NYSE: BB), Cisco Systems (NASDAQ: CSCO), Cloudflare (NYSE: NET), Crowdstrike (NASDAQ: CRWD), Okta (NASDAQ: OKTA), Splunk (NASDAQ: SPLK), VMware (NYSE: VMW), as well as exchange-traded funds like Trust NASDAQ Cybersecurity ETF (NASDAQ: CIBR) and the ETFMG Prime Cyber Security ETF (NYSE: HACK).