Subscribe to the Teradata Blog

Get the latest industry news, technology trends, and data science insights each week.



I consent that Teradata Corporation, as provider of this website, may occasionally send me Teradata Marketing Communications emails with information regarding products, data analytics, and event and webinar invitations. I understand that I may unsubscribe at any time by following the unsubscribe link at the bottom of any email I receive.

Your privacy is important. Your personal information will be collected, stored, and processed in accordance with the Teradata Global Privacy Policy.

Ransomware is Becoming the Most Prevalent Malware Attack - Don’t Become the Next Victim

Ransomware is Becoming the Most Prevalent Malware Attack - Don’t Become the Next Victim
Ransomware is a type of malware that can either encrypt all of your data (i.e., crypto-malware) or lock you out of your computer. Once the ransomware has infected your computer, it will ask you to pay ransom, usually in the form of cryptocurrency (i.e. Bitcoin), in exchange for decrypting your data or unlocking your computer.

Seven out of 10 malware payloads were ransomware. The three most common ways ransomware spreads are through ransomware infected emails, software vulnerabilities and security control and/or architecture weaknesses that can be exploited. In 2020, 73% of all ransomware attacks were successful.

Ransomware attacks can be devastating, especially for small businesses that can’t afford to pay a ransom for their data. That’s why it’s important to stay informed about what ransomware is, how it works and the types of ransomware there are.

There are many types of ransomware, and with new ransomware threats constantly appearing, it can be a little daunting. According to recent ransomware statistics from cybersecurity firm Coveware, these were the most used ransomware attacks in 2020:
  • Maze — Data-stealing ransomware that threatens to sell your data
  • Phobos — Ransomware that locks productivity documents
  • REvil (Sodinokibi) — Ransomware program that’s difficult to detect
It’s important to remember that ransomware is a business -- attackers have a profit incentive. According to a study by security firm Sophos, in 2020, 51% businesses were impacted by ransomware and it is expected that by the end of 2021 a company will impacted by a ransomware attack every 11 seconds. The COVID pandemic has made matters even worse as cybercriminals have started to attack new entities, including schools, healthcare providers, and government institutions. The recent U.S. Colonial Pipeline ransomware attack is just one of many examples.
Ransomware costs businesses billions of dollars each year which translates to about $8500 per hour. By the end of 2020, cybercriminals using ransomware had accumulated $20 billion in ransom payments. That number is projected to reach $265 billion by 2031, according to Cybersecurity Ventures.

The average ransom demand has reached $178,000 in 2020. Fortunately for small businesses, the average is only $5,900. The highest reported payment was U.S. travel services company, CWT Global, in July 2020. The ransom settlement was around $4.5 million.

So how do we protect ourselves against becoming a victim of Ransomware? For one thing organizations must have a reliable backup strategy, both online (cloud) and local, so that data can be restored before it was infected by the ransomware attack. Backups, however, can’t stop the attacker from still having your data and threatening to sell it on the dark web.

Organizations must have a robust defense-in-depth security strategy with a zero-trust model approach. They must have strong multi-layered encryption, adaptive multi-factor authentication, accurate data classification and proper role-based and/or attribute-based access control. Lastly, organizations require a comprehensive, easy to follow Security Awareness Training program to ensure their users are well-versed about the threats, risks, and consequences of an attack and how to work safe. Turn your users into “human firewalls.”

Portrait of Anthony Cicero

(Author):
Anthony Cicero

As a member of the Center for Enterprise Security (CES) team, Anthony works closely with Teradata's strategic customers in the Americas to help them design the right security framework and strategy solutions to meet their security and privacy needs. This includes encryption, authentication, access control, etc. by building on the foundation of advocating, designing and delivering defense in depth, industry best-practices. As a Security/Privacy Architect, Anthony is responsible for articulating to customers all aspects of security and privacy to assist account teams with closing new and existing core opportunities by focusing on the customers’ business-enabled security, privacy and compliance requirements.

Anthony is a Certified Information Systems Security Professional (CISSP) and has been working exclusively within the security and privacy realm for 20 years. Previously, he ran the premier customer success organization for McAfee supporting North America which provided security consulting and support to the worlds largest companies including current Teradata customers.  

Anthony loves boating, golf, home improvement and cars (classics and fast sports cars). View all posts by Anthony Cicero

Turn your complex data and analytics into answers with Teradata Vantage.

Contact us