Protecting Yourself From Ransomware Attacks

Posted on February 25, 2022
Author: RunSafe Security

Table of Contents:

Protecting Yourself From Ransomware Attacks

Cyber Attacks Cost $6 Trillion to Fix in 2021

Software Supply Chain Attacks Are on the Rise

The Rising Cost of Ransomware

Zero-Day Memory Exploits Have a Banner Year

RunSafe Security’s Alkemist is the Best Ransomware Prevention

In an increasingly online and interconnected world, it’s not surprising that cybersecurity breaches are more frequent or that their impact has gotten more severe. While there’s a growing understanding that cybersecurity is crucial, there’s also plenty of confusion around what real cybersecurity looks like. Unfortunately, many organizations that think they know how to prevent ransomware are more vulnerable than they realize, and it’s these unseen vulnerabilities that can lead to serious and costly damage to a company’s reputation and user data.

Cyber Attacks Cost $6 Trillion to Fix in 2021

From software supply chain attacks to zero-day memory exploits, the dollar amount for fixing issues caused by malicious actors just keeps rising. In fact, 2021 cyber attacks cost the world a total of $6 trillion dollars in fixes for the damage they caused. For perspective, if that amount was divided among all 332 million people living in the U.S., we each would’ve gotten just over $18,000. You may be wondering, “How did that amount get so high?”

Software Supply Chain Attacks Are on the Rise

The supply chain is now global, and its increasingly complex nature results in many vulnerabilities that enterprising attackers can use as an entry point. This can result in an incr樂威壯ease in software supply chain attacks. This frequently happens when packaged and open source code containing vulnerabilities is collected from many suppliers and combined into a software bill of materials. Because many vendors and other organizations don’t control most of their source code, and since it’s now common for enterprises to manage hundreds of thousands of vendors across the global supply chain, the risk of attack is much greater.

In mid 2021, the Kaseya ransomware attack left Kaseya, a huge IT management software company, experiencing one of the largest software supply chain attacks that we’ve seen. It’s estimated that 200+ companies were compromised when its VSA remote maintenance tool was compromised by ransomware. This is a stark example of how software supply chain attacks can create a domino effect for companies further down the chain.

Another notable attack that could have been avoided with the right ransomware prevention is the SolarWinds hack at Microsoft. A total of 18,000 SolarWind customers who’d downloaded the malicious update were compromised, including nine federal agencies and 100 private-sector companies. This massive, months-long attack occurred when bad actors accessed source code from three Microsoft products. As a testament to the dedication of these malicious actors, the breach first started in October 2019, before attackers made enough progress to view Microsoft files in November 2020.

The Rising Cost of Ransomware

If your organization isn’t taking ransomware prevention seriously yet, it’s time to start. The cost of ransomware is only going to increase, with $20 billion in payouts already occurring in 2021. By 2031, that total is likely to be somewhere around $265 billion. This is due, in part, to the increasing frequency of attacks as well as the increased costs needed for victims to recover after an attack occurs. The average ransom payment is about $200,000, but the average cost of correcting problems caused after the payout rose to $1.85 million in 2021. Last year also saw the largest ransom payout to date—a whopping $40 million from an insurance company. With an astronomical 518% increase in the average ransom demand in the first half of 2021 compared to 2020, the total increased from $847,000 to $5.3 million. One unnerving trend is the appearance of double extortion, or increasing the extortion techniques used to maximize success. Instead of just threatening the victim with the deletion of data and files, bad actors are now threatening to leak that information to the public and other malicious actors. As more attacks successfully result in large paydays for attackers, the more encouraged malicious actors will be to try their own ransomware attacks.

Zero-Day Memory Exploits Have a Banner Year

What you don’t know can be very expensive, as many found out in 2021. Zero-day exploits rose to their highest number yet in the first half of the year, increasing threefold year-over-year compared to 2020. While some of these attacks were bad actors exploiting a known vulnerability before a patch could be deployed, many malicious actors found entry to a network through undiscovered vulnerabilities. Many of those vulnerabilities—about 70%—were zero-day memory exploits. Memory has steadily remained a frequent entry point, as devices rely on memory as a core function. 

RunSafe Security’s Alkemist is the Best Ransomware Prevention

If you’re wondering how to prevent ransomware from taking down your operation, RunSafe Security’s Alkemist is your solution. RunSafe Security built the patented Alkemist based on a wrap-around approach that addresses cybersecurity at every stage of development and across all areas of need. 

To address software supply chain attacks, Alkemist gives organizations the power to inoculate their systems against attacks originating from both hardware and software, whether or not they have access to their source code. This technology can prevent an attack from succeeding and from spreading throughout systems by addressing vulnerabilities and preventing supply chain disruptions. 

Alkemist also fills a huge hole in application memory defense with a simple and low-cost solution to protect against zero-day memory exploits by securing virtual and cloud infrastructures. This patented technology is able to run each component or workload through a process designed to harden it before it is deployed, eliminating entry points even in applications that you don’t have visibility into. 

Experience this effective solution to cybersecurity breaches. See what Alkemist can do for your company by taking it for a free test drive. Or, contact us today to speak to one of our knowledgeable team members.

FAQs:

What are some notable supply chain attacks in the past year?

The Kaseya ransomware attack compromised 200+ companies in the largest software supply chain attack to date. In addition, 18,000 SolarWind customers who downloaded a malicious update were compromised. 

How expensive is ransomware?

The cost of ransomware is continuing to rise with $20 billion in payouts occurring in 2021 and the largest payout hitting $40 million. While the average payout is only about $200,000, it costs $1.85 million to correct problems in the wake of an attack. 

How do attacks infiltrate a system?

The most common attacks are zero-day ransomware exploits where hackers exploit known and unknown vulnerabilities, accounting for 70% of attacks. 

What is the best ransomware protection?

RunSafe Security’s Alkemist protects against software supply chain attacks as well as zero-day ransomware exploits.

RunSafe Security’s 2025 Product Security Predictions

RunSafe Security’s 2025 Product Security Predictions

Product security has come a long way since  the early 2000s to the current iterations we’re seeing today. From CISA’s focus on Secure by Design to the growing emphasis on software supply chain security, software manufacturers, software buyers, and regulatory...

read more