The job title “ethical hacker” may seem like an oxymoron, but these computer-savvy warriors are in hot demand to help organizations find system weaknesses, strengthen network security, and help avert ransomware attacks.
Ransomware is malicious software that infects a computer, encrypts a user’s files, and makes them impossible to open. The criminal then blocks access to them unless a ransom is paid. Attackers often engage in double extortion, exfiltrating a copy of the data in advance and threatening to release it to the public if they don’t receive payment.
Penta Security writes that these double extortion attacks can present a greater problem for companies if the data released to the public is damaging or embarrassing. Even if the company pays the ransom, there’s no guarantee that the hackers will delete the copied data.
A Rise in Network Security Breaches
Despite efforts to educate employees not to click on external links and investments in cyber security, hackers are successfully breaching firewalls. The PBS Newshour reported that between 2019 and 2020, ransomware attacks rose by 62 percent worldwide and 158 percent in North America. The FBI reported nearly 2,500 ransomware complaints in 2020, which is a 20 percent hike over 2019. The collective cost of ransomware attacks totaled about $29.1 million, up from $8.9 million the prior year.
Recent Ransomware Attacks
Ransomware attacks are more severe. This summer’s ransomware attack on the U.S. information technology firm Kaseya compromised the data of 800 businesses around the world. The hackers requested a $70 million payment in Bitcoin to unlock the compromised data.
While the Kaseya attack didn’t shut down critical U.S. infrastructure, last April’s ransomware attack on Colonial Pipeline Co. did. Affiliates of DarkSide, a Russia-linked cybercrime group, used a single, compromised password to breach Colonial Pipeline’s infrastructure security and shut down the nation’s largest fuel pipeline — leading to oil shortages across the East Coast. Bloomberg News wrote that Colonial paid the hackers a $4.4 million ransom. The hackers also stole nearly 100 gigabytes of data and threatened to leak it.
The growth of ransomware attacks prompted the White House to announce the formation of a task force to combat growing domestic and foreign cyber threats. NPR reported that the Biden Administration is offering $10 million for information that leads to identifying state-sanctioned cyber activity against crucial infrastructure. In addition, the federal government will launch stopransomware.gov, a website to help businesses and state and local governments with cyber security issues.
Penta Security compiled a list of other notable ransomware attacks in 2020:
Toll Group: Suspension of Delivery Services
Australian transportation and logistics company Toll Group was hit by NetWalker ransomware in early 2020, forcing it to shut down significant parts of its delivery operations. Clients couldn't share, deliver, or track their shipments for many days. Later, the ransomware infected 1,000 servers in 50 countries, and its worldwide staff had to disconnect their computers from the company’s network. Toll Group was then hit with a second ransomware attack in May, knocking its online portal out of service. The attackers also threatened to release sensitive data. Toll Group publicly refused to pay the attackers, but it spent months dealing with customer concerns, reimbursements, and regulatory obligations.
Grubman Shire Meiselas and Sacks: Celebrity Data Compromised and Put On Auction
Hackers hit New York-based entertainment and media law firm Grubman Shire Meiselas & Sacks with the REvil ransomware. Hackers stole and encrypted sensitive private information of Lady Gaga, Madonna, Elton John, Bruce Springsteen, Mariah Carey, Barbra Streisand, and others. The attackers first asked for a ransom of $21 million, but the law firm stood firm against paying. Next, the attackers put information about Madonna up for auction, which sold at a base price of $1 million.
University of California, San Francisco: Academic Research Work Compromised
The University of California, San Francisco, was hit by the NetWalker ransomware, which infected many databases
Westech International: Classified Information Potentially Compromised
U.S. defense subcontractor Westech International suffered a ransomware attack that affected its IT systems. Westech provides support services for LGM-30 Minuteman III, a three-stage intercontinental ballistic missile (ICBM) designed for nuclear weapons delivery. Hackers exfiltrated sensitive data before encrypting it and published a portion of the stolen data online. Other military-related classified information might have been compromised.
Garmin: Massive Global Service Shutdown
Garmin, a multinational GPS navigation and wearable technology firm, had to shut down all services worldwide after a cyberattack in July 2020. Garmin had to shut down all systems to prevent the infection from spreading. Garmin was unable to receive calls, emails, and online chats. Later, the Garmin app that pilots used to schedule and plan flights was also shut down.
University Hospital of Dusseldorf: Infrastructure Security Breach Results in a Fatality
A German woman died en route to the emergency room when the closest hospital, the University Hospital of Dusseldorf, was shut down due to a ransomware attack. It was the first-ever reported human death caused by a ransomware attack, and the ransomware operators provided the decryption key without asking for a ransom payment.
LG Electronics and Xerox: Sensitive Data Published Online
Hackers published data stolen from LG Electronics and Xerox on the data leak site for Maze ransomware. Both companies refused to pay the demanded ransom and suffered the second phase of the double extortion attack. Published data from LG Electronics included the source code of its products. The leaked data from Xerox involved the personal information of employees and potential customers.
Argentinian Borders: Shutdown of All Border Crossings
Argentina’s Department of National Migration suffered a ransomware attack that resulted in the shutdown of internal IT systems and the forced closure of Argentina’s border crossings for four hours. The criminals asked for $2 million for the decryption key and the destruction of the stolen data and then raised the price to $4 million after a week of nonpayment.
Strengthening Enterprise Security
Organizations and nations need to employ methods to better secure information and IT assets against ransomware and other unauthorized access. Penta Security recommends data backup and data encryption. Data backup is the duplication of the database into a separate network, so it can be accessed if attackers encrypt the original data. However, not every organization has the time and resources to duplicate and save all its essential data. Data encryption will prevent unauthorized access and help prevent extortion over sensitive information.
Ethical Hacker Jobs are Plentiful
The rise in ransomware and cyber hackers is creating a massive demand for cyber security workers. According to Cybersecurity Ventures’ Steve Morgan, there are 3.5 million unfilled cyber security jobs worldwide — enough to fill approximately 50 American football stadiums.
The Bureau of Labor Statistics (BLS) projects that between 2019 and 2029, employment for information security analysts will grow 31 percent. Plus, the job pays well: the median pay for information security analysts was US$103,590 or INR₹ 7,734,055 annually.
If an organization has trouble finding candidates to hire, retraining existing IT staff is an affordable and practical solution.
Simplilearn’s Online Training Solution
Simplilearn’s online Certified Ethical Hacking certification training course gives students the needed training to master the techniques hackers use to penetrate network systems. It also offers certified students the skills to strengthen enterprise security.
Simplilearn also offers a Post Graduate Program in Cyber Security, which takes a comprehensive approach to learning how to protect your organization’s infrastructure and secure data. Courses include risk analysis and mitigation, cloud-based security, compliance, and more.
Those interested in expanding their skill set will find a wealth of opportunities with Simplilearn. Simplilearn’s flexible, online courses are taught by industry experts and will make you ready for the next step in your career.