KnowBe4 Security Awareness Training Blog

New Report Outlines “Bashe” Ransomware Global Infection Scenario Outcomes, including up to $193 Billion in Damages

Written by Stu Sjouwerman | Feb 6, 2019 11:47:13 AM
With the potential for a single coordinated cyberattack aimed at holding the world hostage and putting losses on a global scale, a new report models what it would look like.
 

We’ve seen plenty of ransomware attacks reach far and wide across the globe. NotPetya cost an estimated $1.2 billion, and WannaCry $8 billion. The newest report - ‘Bashe attack: Global infection by contagious malware’ – offers a look into what the aftermath would look like.

This report is produced by the Cyber Risk Management (CyRiM) project led by Nanyang Technological University, in collaboration with industry partners and academic experts including the Cambridge Centre for Risk Studies.

The report models a ransomware attack scenario on a global scale where hundreds of thousands of companies worldwide are infected. The model supposes a coordinated effort, taking months to setup, with the ransomware infection spreading using scripted email forwarding from each infected machine to the next.

According to the report, the estimated damages worldwide range from $85-193 billion, with global cyber insurance losses ranging from $10-27 billion.

This latest report echoes a 2017 report from Lloyds of London, where losses were estimated to be as high as $121 billion.

The Basche report brings to light the absolute need for organizations to step up security. The very scary aspect of the report is the pointing out of the research & development done by this “team”; in a breakout of this nature, it’s reasonable to assume that the cybercriminal team behind such an attack has figured out how to get passed then-current security solutions.

The one factor that can’t be bypassed is an employee with an elevated security mindset. No single attack can look authentic 100% of the time. So it’s important to have employees undergo frequent Security Awareness Training to educate them on phishing attack tactics (the very same ones used today are proposed in the report) and how to avoid becoming a victim.

The one thing the Bashe report doesn’t point out is if the user doesn’t click on the contents of the malicious email, the ransomware never gets installed. It’s an important aspect of this global attack scenario; if your users know better, you won’t be a victim.

Ransomware Hostage Rescue Manual


Get the most informative and complete hostage rescue manual on Ransomware. This 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with malware like this. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:

  1. What is Ransomware?
  2. Am I Infected?
  3. I’m Infected, Now What?
  4. Protecting Yourself in the Future
  5. Resources

Don’t be taken hostage by ransomware. Download your rescue manual now! 

Or cut&paste this link in your browser:  http://info.knowbe4.com/ransomware-hostage-rescue-manual-0