Today, there’s a good chance you know of either an individual or a company who has fallen victim to ransomware. In fact, unless you have been living in the Amazon jungle with no connectivity, you will have heard of the simple, yet terrifying concept of ransomware.
“Essentially, ransomware is malicious software that is designed to hold up a computer system until a certain amount of money is paid. It’s a simple, yet terrifying prospect, and a scourge that is growing exponentially, with new types of ransomware rearing their heads on a regular basis,” says Lauren Wain, General Manager at Credence Security.
“In fact, given the surge in popularity of this scourge, if you haven’t been hit personally, you’re either extremely lucky, or you have the right tools and measure in place to prevent attacks of this nature,” she adds.
Wain says that dealing with a ransomware attack once it’s happened is like playing Russian roulette. “Unless you have backups, or the threat actors seriously messed up, you’ll end up either losing everything, or being forced to pay a ransom. Unfortunately, even paying the ransom is no guarantee that the files will be unlocked.”
Given how prolific ransomware is, businesses need to find better ways of combatting this scourge. “Ransomware is the ideal tool for the cyber criminal. It’s almost a form of passive income, as all they need to do is buy the necessary tools for a few dollars on the dark Web. Many sellers of this type of malware even offer customer service and support for their tools. The victims, who find themselves unable to access crucial files and systems, are desperate to get their access back, and often end up paying. Moreover, payment is usually in untraceable Bitcoin, making the transactions near impossible to trace.”
Over and above the individual, a successful ransomware attack on a sensitive industry such as healthcare, or finance, can have catastrophic events. “We have seen a shift in this type of attack, which is moving away from individuals to target businesses and larger entities. This isn’t surprising given that organisations have far deeper pockets than most individuals, and have more at stake should their businesses be inoperable for hours or even days.”
In terms of fighting this threat, Wain says there are several expected ways that companies can protect themselves. “These include having a really good anti-malware solution in place, as well as having up-to-date backups. In addition, never overlook staff education. Teach users about safe Internet behaviour, such as not clicking on suspicious links and similar. You’d be surprised how many individuals will still click on a link without giving it a thought, but it still happens frequently.”
Intrusion prevention systems (IPS) can also be effective in preventing ransomware. “These tools scrutinise network traffic, looking for any attempts to take advantage of holes or vulnerabilities. Bear in mind that vendors can only release a patch for a vulnerability once it’s been discovered, and this can take days to release and roll out, and then the organisation still needs to apply it to relevant systems. IPS can weed out any attempts to exploit these.”
Another useful tool, she says, is email security – particularly blocking attachments in emails. “As I said earlier, users are still inclined to click on links and attachments without thinking, and blocking all but the most crucial attachments can prevent this from happening.”
Ultimately, ransomware is a threat that is on the rise, and poses a massive danger to all businesses in all industries. “Companies need all the help they can get. There is no one solution, but a combination of tools, procedures and common sense can help prevent your business from becoming the next victim,” concludes Wain.