Ransomware Now Encrypts Faster than Organizations Can Respond

In a recent new study, results found that new ransomware can encrypt at a rate of 54 GB in 43 minutes. Considering that most compromises take roughly three days to be detected, this new finding is alarming and makes reactive-based mitigation nearly impossible.

The rate of encryption directly affects organizations’ ability to respond to prevent a total loss of data from an attack if there is no active anti-ransomware protection software in place to combat it. 

From a mitigation standpoint, organizations are losing before they even try. Even if a compromise could be detected within that short of a window, addressing or stopping the threat in under 43 minutes is essentially impossible. Moreover, not all ransomware operates at the same speed, with some variants being faster than others, posing even more challenges to effective mitigation. 

What else did the report find? 

• The report studied the performance of 10 families with 10 separate binaries across Windows operating systems and hardware specifications, including DarkSide, LockBit, and REvil.
• LockBit (a ransomware-as-a-service offering) was the fastest variant to encrypt any system. It can encrypt at a rate of almost 25,000 files per minute.
• The report also created a virtual environment in order to see how fast ransomware encrypts. 
• Data showed that some ransomware families used increased system resources better than others, with some even crashing when deployed on the faster test systems.

The report summarizes one key finding: ransomware is becoming both more unique and more advanced over time. 

Here’s what you need to do: 

Now more than ever, preventing ransomware attacks from launching in the first place is the best and only successful approach. Reactive practices, by definition, do not work in preventing attacks. Completely preventing ransomware attacks from occuring in the first place is the only defense worth considering for your organization.

PK Tech services small to medium sized businesses in the Greater Phoenix Area. We provide IT support to a range of industries and business types. If we can support your business in any way, get in touch with our team here.