After a lull in 2018, Ransomware has risen once again to the top of the threat list for businesses both large and small who seek for ways to stay safe from Ransomware . In 2019, local governments, hospitals, and schools all faced ransomware attacks. These attacks locked up important data and disabled critical systems for days.
It is well accepted by Cyber Security Experts that Ransomware is one of the greatest security concerns ever to exist. A Ransomware attack can strike at any time & may occur on even on the most seemingly resilient of systems.
For an attack to occur all it takes is one wayward click combined with inadequate security controls. For Ransomware to lock down your network and potentially lose critical business information.
According to Cybersecurity Ventures, a new organization will fall victim to ransomware every 14 seconds in 2019. This figure is predicted to rise to every 11 seconds by 2021.
Why is this Cyber threat on the rise?
Simply put, ransomware remains an ever-growing problem because it is an extremely lucrative criminal enterprise. Targeted organizations often believe that paying the ransom is the most cost-effective way to get their data back . This unfortunately, this may also be the reality. The problem is that every single business that pays to recover their files is directly funding the development of its next generation. As a result, it is evolving at an alarming rate with new and more sophisticated variants. This makes defending your organization’s data more critical than ever.
Cybersecurity Ventures predicts ransomware attacks will cost the global economy $6 trillion annually by 2021 if Organizations don’t find ways to stay safe from Ransomware.
Ransomware has also become more pervasive, in part, thanks to the following:
Ongoing digital transformation: As more organizations digitize their operations. The number of potential entry points (email, mobile devices, apps) increases exponentially. If a breach happens, infections can spread quickly since it’s more than likely these critical systems are connected.
The rise of cryptocurrency: Currency, like Bitcoin, enables easy and virtually untraceable payments to anonymous cybercriminals.
The emergence of Ransomware-as-a-Service (Raas): Ransomware kits can be purchased for a small fee, making it accessible for practically anyone, even non-technical criminals, to use and profit from easily.
Plus, attackers are getting smarter. They know we’re distracted. And where are we more likely to be the most distracted? On our phones! In the 2019 Verizon Data Breach Investigations Report. Researchers found that users are much more vulnerable to social attacks that they receive on mobile devices.
But where do you start to stay safe from Ransomware?
Lots of questions come to mind. With the ability to penetrate organizations in multiple ways, fighting this threat effectively requires more than one defensive mechanism.
Below are the main Ransomware Protection & Mitigation measures . You are best protect if you use them in Combination as there is currently no single solution which can completely protect an organization or an individual from ransomware attacks. :-
Do the following:
- You should Never Click on any Unknown / untrustworthy links.
- Personal information such as login details should not be shared, don’t be tricked into revealing them.
- Do not open Email attachments that appear to be Suspicious.
- Never Use a USB storage device that you don’t recognize. Cyber-criminals may have infected the storage medium and placed it in a public place to entice somebody into using it.
- You Should Maintain the latest versions of your programs and operating system. This ensures that all the relevant security patches and updates which prevent any potential flaws from being exploited are in place.
- On Public Wi-Fi Networks, use secure VPN services such as Proton VPN.
- You should enable Multi-Factor Authentication (MFA) – a security technology that requires multiple methods of authentication from independent categories of credentials to verify a user’s identity for a login or other transaction. Multifactor authentication combines two or more independent credentials: what the user knows, such as a password; what the user has, such as a security token; and what the user is, by using biometric verification methods.
Additonal steps to Stay Safe from Ransomware
- If you have high risk targets, consider using a virtual Desktop service like Citrix, Azure Desktop, Amazon WorkSpaces or Tehama. If the virtual machine is infected you can just create a new one from the master image.
- Use an Email Service like Proof Point to screen for known Ransomware vectors and open links in a Protected Sandbox.
- Consider a zero day network defense like Fireye or Extrahop.
- You could make use of Cisco Umbrella to protect devices on and off the corporate network. It blocks DNS requests before a device can even connect to malicious sites hosting ransomware
- Ransomware can be mitigated by frequent, high quality data backups that are stored offline from the target systems and kept for a reasonable period of time. That way if your systems are compromised you can restore the data, this can be expensive so an appropriate budget has to be in place.
- The Cheapest alternative way is the social way, whereby you implement an awareness program for you users, which is specially focused on the importance of never clicking a dubious link or opening malicious attachments, this is the most useful and least expensive way to prevent a ransomware, as common sense is the best defense mechanism , the smarter your are users, the safer your systems are.