We’ve heard of super malware, like WannaCry and NotPetya. Both have caused a lot of damage, but it seems like they’re just a glimpse of what’s coming. In an effort to understand the potential risks caused by ransomware, the CyRiM project ran a scenario called the “Bashe attack” to analyze what the real-world effects would be. Read on to learn more about the effects of a global ransomware attack.
Global Ransomware Attack – The Bashe Attack
This is how the CyRiM project described the Bashe Attack in the first of a two-part report:
[The Bashe attack is] a fictionalised account of a catastrophic global cyber-attack through malware infection. It presents an unlikely, and extreme, yet plausible scenario that culminates in catastrophic economic and insurance losses with lasting consequences. The scenario narrative is informed by research into historical precedents and consultations with subject matter experts to ensure consistent validity and realistic conclusions.
While the attack itself might not be real, the results of the scenario do point to a severe problem. It seems like the world, in its entirety, is not ready for a global ransomware attack. This particular ransomware was designed “to be the most infectious malware of all time”, and the scenario proves its effectiveness. In 24 hours, the malware was capable of infecting “nearly 30 million devices worldwide”. This caused some serious economic harm on a global scale.
In order to make sure this kind of malicious propagation works, the attack starts off as a basic phishing campaign. The attacker delivers the malware via an email that imitates a company’s payroll address. The moment any user opens the email and activates the malware, it infects all of the devices connected to the same network. It also sends the same phishing emails to all of a user’s email contacts. This allows it to jump from network to network, encrypting data and locking devices down at a phenomenal rate.
What Were The Affected Sectors?
The primary sectors affected by the Bashe attack would include Finance, Healthcare, Transportation, Information Technology, and Retail and Hospitality. The global ransomware attack affected communication, productivity, trade, and the use of smart devices around the world. In fact, CyRiM predicts that an attack on this scale could cause up to $193 billion in economic loss around the world, with the retail industry contributing up to $12 billion in losses alone.
How To Protect Yourself from Ransomware
Would you be able to protect yourself from this kind of a ransomware attack? It might be difficult, as every single user on a network becomes a liability in this kind of situation. However, you can implement security measures that combat the malware currently active in the world.
Back up your data
The whole threat model of ransomware is to encrypt your data and lock you out of your device. It’s always a good idea to have your data backed up on a hard-drive or on the cloud to ensure that you can still access it even if your device gets locked.
Update your OS
Always keep your operating system up to date. Your OS’s developers will release security updates throughout the year to fix any vulnerabilities they find. If you don’t update your OS regularly, you won’t be able to protect yourself against new threats.
Install an anti-malware program
You need to have proper anti-malware software. You can check out our suggestions for the best anti-malware you can get here. Keep in mind that free anti-malware software might be dangerous. This is one of those cases where it’s better to subscribe to a known and trusted service rather than taking the chance with freemium software. Always keep your anti-malware software up to date. In fact, it might be a good idea to put your software on auto-update mode.
Don’t click on links and attachments you don’t trust
Malware and ransomware need a way of entering your device before they can wreak havoc on your data. In order to protect your device, make sure that you don’t click on any links or attachments if you’re not sure what they are, even if they’re in your personal email.
Use a VPN
A virtual private network is a service you can subscribe to that encrypts all of your data and secures all of your traffic. It re-routes your traffic through its own secure servers, making it very difficult for anyone to gain access to your internet communications. A VPN will make it very difficult to hack into your device/connection, which makes it harder for someone to target you. Our expert, Charles, has written an article on the use of VPNs as protection against ransomware, which I highly suggest you try out. I also suggest you use a credible and trusted VPN provider to secure your connection. Charles suggests using ExpressVPN as your go-to VPN, as it is known as the best VPN service currently on the market.
Global Ransomware Attack – Final Thoughts
So, that’s what would happen if the world suddenly had to deal with a global ransomware attack. I suggest you take a look at CyRiM’s full report to get the full implications of such an attack. I also suggest you take all of the necessary precautions to make sure you’re not putting yourself at risk. Finally, it’s important to note that being informed about internet security and about the prevalent risks is one of the best ways for you to keep up-to-date with what you should do to stay safe.
Let me know if there’s anything else you do to make sure your devices are as safe as possible in the comments below!