Ransomware a growing problem in NL; small businesses especially vulnerable

Ransomware is a growing problem for Dutch companies. Small- and medium sized businesses in particular are popular targets for this type of malware, according to security researchers, insurers and sector organization MKB Nederland, NOS reports.

Ransomware is a type of malware that blocks access to the data on your computer, unless you pay the cyber criminal behind the malware a 'ransom'. For businesses it can mean losing access to their administration, customer data or other important documents, sometimes bringing an entire business to a standstill.

"We already have 15 percent more cases this year than in 2018", Yasin Chalabi of insurer Hiscox, which offers companies insurance against cybercrime, said to NOS. "And then we still have a few months left."

Cyber criminals used to send out thousands of emails with ransomware-infected attachments, in te hope that some of the recipients would open it. But now they are much more focussed, the researchers notice. "Now criminals make much more effort. They break into a company's network, do preliminary investigations and do as much damage as possible", Frank Groenewegen, security expert at Fox-IT, said to the broadcaster.

Breaking into companies is more work than breaking into home computers, but the reward is also much higher for the criminals. "Consumers cannot pay 100 thousand euros, but sometimes companies have no choice", Groenewegen said. The amounts demanded from companies often run up into the hundreds of thousands of euros. "The larges amount that we encountered in a survey is 5.4 million euros", Groenewegen said. He couldn't say whether that ransom was paid.

The police and Public Prosecution Service always call on ransomware victims not to pay the ransom, as this keeps the criminal systems behind the malware running. But sometimes there is no alterative for companies, who face the choice of paying the ransom or losing business while they're shut down, or paying a much higher amount to rebuild their entire IT infrastructure. "If the problems are big enough, companies can even go bankrupt if they don't pay. That's what makes them so interesting to criminals", Jornt van der Wiel, security researcher at Kasperksy, said to NOS.

Earlier this year the Dutch police, along with various international partners, launched the No More Ransom platform, which contains decryption tools for all the ransomware types the authorities have broken through in the past. The police call on all victims of ransomware to first check the platform before paying the ransom.