Q&A: Understanding the Rising Threat of Ransomware Attacks
Written by Lucie Rutherford, UVA Today Media Contact
A rude awakening came to thousands of Americans in early May. Many motorists who had never seen the effects of a devastating ransomware attack found themselves scrambling to find a flowing gas pump, and waiting in massive lines when they did.
This came after a suspected Russian-linked criminal group breached the computer network of the East Coast’s largest oil supplier, Colonial Pipeline, shutting down its operations and threatening to leak stolen sensitive data if a $4.4 million ransom was not paid. Within days, pumps up and down the East Coast were taped off with “Out of Gas” signs.
It took an attack of this capacity, affecting lives so directly, for the average person to notice what can happen when data and software are held for ransom. The Colonial Pipeline attack was one of thousands each year, many of which go unnoticed despite the fact that millions of dollars are cumulatively spent in ransoms.
Between 2019 and 2020, ransomware attacks rose 158% in North America alone, and the collective cost of attacks reported to the FBI went up 200%, from $8.9 million to $29.1 million.
According to Don Brown, senior associate dean for research at the University of Virginia’s School of Engineering, Quantitative Foundation Distinguished Professor in Data Science and W.S. Calcott Professor in the Department of Systems and Information Engineering, criminal acts of this nature are not going away anytime soon, especially if companies continue to pay ransoms.
As the looming threat plagues organizations – from national security agencies and Fortune 500 companies to schools and small businesses – UVA Today asked Brown to explain the nature, commonality, protections and future of ransomware attacks.