A morning routine when I come into work – I turn on my computer and visit multiple cybersecurity news sites to read the latest on the industry. Whether it’s Krebs on Security, Naked Security by Sophos, Reddit Cyber Security, or any other credible source, staying sharp on pain points and challenges is crucial to knowing how to best assist organizations in need.
Among other malicious schemes, a prevalent cyber-crime tactic today is Ransomware attacks, a consistent headliner in 2016. This attack method is a creation of software designed to block access to a computer system until a sum of money is paid to the hacker. Though Ransomware has been around since the late 1980’s, it has only recently come to the forefront of established tools for hackers around the globe as it is refined and new variations have been created.
How does it work?
Instilling fear into victimized employees and businesses, Ransomware attacks are tremendously effective as an extortion method. It targets pictures, documents, files and any data that could be invaluable to your company’s operations. The targeted employee’s browsing behavior or naivety of safe and secure links grants access to the Ransomware attacker, which is their ticket into the system. After having exposed this sensitive information to the hacker, out of sheer embarrassment, anxiety of losing their job or importance of the locked data, they cough up the bounty to recover the files.
The Numbers Don't Lie
Large-scale Ransomware incidents have led the United States and Canadian governments to issue a joint statement about ransomware and its malicious capabilities. Microsoft TechNet states that the United States, Italy, and Canada are countries with the most attacks, USA leading with over 320,000 machines compromised. In the Malwarebytes study of 500 companies in four countries, they found nearly 40% of all businesses experiencing an attack in the past year, and more than one-third of the Ransomware victims lost revenue as a result of the attack.
Just last year, CryptoWall attacks (a form of Ransomware) racked up a $325 million lump sum of money globally, that organizations paid for on that variation, alone.
Top Preventative Measures
So, what can you and your business do to protect yourself? Strengthen defense in depth. Some keys are:
- Having control of end points and servers and making sure to have a full and complete inventory.
- Having a good anti-virus strategy and ensuring proper hygiene and configurations of the tool.
- Having a good backup strategy – in the event where a file is lost to Ransomware, you can recover a version of the file.
- Having a great Incident Response program and playbook. An instance of ransomware occurs and you can identify that there is an issue, contain the malware from spreading, remove the malware, and restore systems back to an operational state.
- Having a security awareness program to educate employees when and how to spot certain campaigns which could introduce malware into a corporate environment.
These are a few of the proactive steps one can take to secure your environment and defend against Ransomware attacks.
RESOURCES
https://www.theguardian.com/technology/2016/aug/03/ransomware-threat-on-the-rise-as-40-of-businesses-attacked
https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx
https://www.scmagazine.com/ransomware-became-main-threat-to-android-users-in-1h-2016/article/548118/
https://nakedsecurity.sophos.com/2016/04/04/ransomware-alert-issued-by-us-and-canada-following-recent-attacks/
