Ransomware resembles other cyber-attacks in terms of how it enters a network and propagates, but the threats it poses for businesses and individuals are often magnified.
In addition to loss of revenue, a ransomware attack prompts legal challenges and, in some cases, even national security concerns, along with the need to decide whether to pay the ransom to restore access to business systems and data. With recent attacks having crippled operations in cities and businesses worldwide, leaders of both public and private organizations are increasingly focused on identifying and addressing their own potential vulnerabilities.
When ransomware shuts down operations or makes back-office software inaccessible, the immediate loss of revenue can be significant. When attackers also obtain customer data, legal issues quickly transcend technical concerns. A data breach (e.g. exfiltrated data) means attackers are able to demand a faster response and larger payment.
The trend of ransomware delivery from virus, to worm, to warfare has increased the concern among observant corporate boards, who are evaluating their international exposure in a new light. Although ransomware attackers could be company insiders or amateur outsiders, evidence increasingly shows they could also be sophisticated agents of a foreign entity or government.