6 Important Ways to Combat the Rising Threat of Ransomware
One form of malware that continues to be a major threat to both large and small businesses alike is ransomware.
During the first half of 2019, businesses saw a 77% surge in ransomware attacks, and this remains a global problem. In June, the National Cyber Security Centre (NCSC) issued an alert related to a ransomware variant called Ryuk that was targeting organisations in the UK and globally.
Likewise, the U.S. Federal Bureau of Investigation recently issued a Public Announcement in October 2019 that warned of “High-Impact Ransomware” and that “losses from ransomware attacks have increased significantly.”
Ransomware infects a computer system, and often the entire network, and encrypts data so it’s unreadable. Inside the ransomware is typically a message demanding a ransom in bitcoin to provide an encryption key and return file access to the user.
If a company hasn’t taken proper IT security precautions or followed best practices when it comes to data retention, they can easily become a victim of ransomware.
The average cost of downtime after a ransomware attack has increased 200% in the last year and is 23x the cost of the average ransom request.
The damage from a ransomware attack can be far reaching. Anyone traveling internationally and needing to use a currency exchange at an airport in early 2020 has felt the impact of one of the most recent major ransomware attacks.
Foreign exchange company, Travelex, announced on January 7, 2020 that they discovered a ransomware intrusion on December 31st and hackers were demanding a £4.6 million ransom.
The firm had to stop some currency exchange services due to the attack, which took down their computer system. Cashiers were resorting to using pen and paper to record transactions at airport cash desks. The Travelex attack also caused problems at Barclays, Lloyds, and Royal Bank of Scotland due to currency-related disruptions at Sainbury’s and Tesco supermarkets.
How do you protect yourself from the rising threat of ransomware? A multi-layered approach is the best way to ensure your computers and network can withstand an attack and mitigate downtime.
We’ll go through what to do next.
Steps for Protecting Your Business from Ransomware
There is no single protection against falling victim to ransomware. A smart strategy means taking a multi-layered approach that mitigates risk in a number of areas.
From training employees on spotting phishing emails to ensuring you have a quickly recoverable backup, all layers in an IT security plan work together to offer a wide net of protection.
Phishing emails are the #1 delivery method for ransomware. They spoof legitimate companies and trick users into doing things like:
- Downloading a malicious file attachment
- Clicking a link to a site that automatically downloads ransomware
- Typing their login credentials into a fake form
Anti-phishing applications that detect malicious links and file attachments can stop them from getting into your users’ inboxes in the first place, greatly reducing the risk of an infection.
Ongoing Employee Security Training
Your employees are typically your last line of defense when it comes to a ransomware attack. The attackers are specifically targeting them and trying to scam them into introducing the ransomware into your network.
Employees need the tools to be able to identify phishing attacks and know what to do when they see a suspicious email. Ongoing training that goes farther than just a one-off brochure is important to keeping your users prepared and cybersmart.
One of the newer forms of ransomware that’s designed to get past anti-phishing software is to use an invitation to share a file from a service like SharePoint. The link in the file attachment will be to a legitimate service like OneDrive, which can get past software looking for malicious links.
To safeguard against these types of attacks as well as others, using a firewall or other advanced threat protection application that includes web protection can help block malicious sites even after their link has been clicked. It will also immediately alert a user to the danger.
Safeguards Against USB Threats
Malware hidden on removable USB devices are a major threat, especially to industrial control systems that use USB drives to transfer information and apply updates.
The risk of ransomware on a USB device can be mitigated by using a technology like Honeywell’s Secure Media Exchange that gives users a way to check devices for any malware prior to plugging them into their systems.
Mobile Device Protection
Every year, mobile devices take over more of the office workload and they can typically access all the same programs and databases as desktop computers can through cloud-enabled programs like Office 365.
Mobile device ransomware and malware attacks in general have been increasing, and many companies are behind in securing mobile devices that have access to their data, especially if they use a BYOD (bring your own device) policy where employee-owned smartphones are used to access company applications.
Using a mobile device management software can help safeguard mobile devices, and include protections such as:
- Automated update/patch management
- Separates the “work” and “personal” areas of a mobile device
- Allows for remote wipe or lock of a lost or stolen device
- Administrators can grant or revoke access to company data remotely
Reliable Backup and Recovery
Those organisations that suffer a ransomware attack and never have to pay a ransom and have minimal downtime are the ones that have a reliable backup and data recovery to fall back on.
Backing up all your business data and systems to a cloud service like Microsoft Azure, can ensure that no matter what happens to your network – whether it’s a natural disaster or ransomware attack – you can quickly restore your data and operations.
Keep Your Network Protected with a Plan from Enable Technology
A multi-layered security strategy will protect you from ransomware, viruses, and multiple other types of malware attacks. Enable Technology can help ensure your company’s data and network are protected, no matter what.