The advancement of technology has influenced the world in many positive ways. It has simplified communication for individuals and relatives across the world; Social media has enabled people to be up to date with information. Mobile phones have enhanced connectivity among people.
From the business angle, technology has opened up markets and enabled more collaboration and opportunities. Cloud storage and business optimization tools have made work easier and saved businesses a lot of money.
On the flip side, technology has exposed businesses and individuals to Illegal vices such as cyberbullying, identity theft and other types of cybercrimes. It has become so bad that cybercrime is now one of the biggest threats facing businesses survival today. According to data from Beaming, and Internet solutions provider, UK companies alone faced 146,491 attempted attacks in the second quarter of 2019, up from 52,596 in 2018.
Ransomware has however become one of the biggest misgivings of the reliance on technology and digital-based solutions. In 2017, over 19 companies in Kenya were affected by the WannaCry ransom attack according to the Communications Authority of Kenya (CAK).
The attackers were demanding about $300 (Sh30,000) in ransom to unlock affected devices. The ransom was only payable through Bitcoin.
For starters, ransomware is a type of malicious software that encrypts a computer system or data and blocks its access from a victim. They are mostly spread through phishing emails or visiting an infected website. Victims are then demanded to pay a ransom within a stipulated time to be given back access.
Since they have become very common today, many major companies in Kenya and the world over including government agencies have faced some sort of ransomware attack.
The end goal of all ransomware attacks is mostly monetary and the victim is contacted and given instructions of how to recover their documents after paying a certain amount of money through untraceable Cryptocurrencies such as Bitcoin to hide the criminal’s identity.
Some of the major ransomware attacks this year include the Baltimore ransomware attack (2019), Texas ransomware attack (2019), Florida ransomware attack (2019), 49 US school districts and educational institutions.
One of the most notable attacks is the Norsk Hydro Company, a global aluminium producer where 45m pounds were paid to the hackers according to the BBC News.
In Kenya, most of the businesses are Small and Medium Entreprises (SMEs) who comprise over 80percent of all companies. Even though SMEs may be small, they contribute to over 45 percent of the Country's GDP. They are also easy to target by cybercriminals because of their lack of preparedness and measures in tackling cybercrime.
Very few have put into place any measures to prevent attacks or even understand what ransomware is all about. This is despite them storing very important data on the cloud such as client data and financial information.
Ransomware can be traced back to 1989 when the “Aids virus” was used to extort funds from recipients of the ransomware. Payments for that attack were made by mail to Panama, at which point a decryption key was also mailed back to the user.
Attackers have grown creative over the years by requiring payments that are nearly impossible to trace. As some may use cryptocurrencies like bitcoin, others like Fusob ransomware that requires victims to pay using Apple iTunes gift cards instead of normal currencies.
Ransomware can lead to a damaged reputation, exposed confidential data and even collapse of businesses. The sad thing is that with the quest for the use of more cloud-based services and advancement of technology creates more opportunities for cybercriminals to try their luck.
Ransomware kits of various types and services are also readily available in the dark web and people even without much IT knowledge can be able to purchase a tailor-made ransomware solution and send it out easily.
What we can now see is the rise of a new cryptocurrency economy like Bitcoin driven by the hackers who are continuously looking for opportunities to infect systems and make a killing while at it.
This is therefore awake up call to organisations, whether small or big to take a deeper look at ransomware, identify it as a key challenge facing their sustainability and come up with sustainable ways of mitigating attacks.
For businesses to protect themselves from ransomware and other types of cyberattacks, there is a need to back up all their computing devices, update software regularly and regularly update anti-virus software. These are the first steps towards creating a cyber-extortion free environment for businesses to thrive.
Additionally, workers and Internet users must also be aware not to click on links, emails and attachments from strangers as well as malicious websites.
Lastly, there should be the enactment of internal and external company policies that dictate how data and information are managed and stored to prevent attacks and in the case of one, how to mitigate the effects.