Ransomware. Could You Be Next?
- Published: Tuesday, April 6, 2021
Ransomware is a form of malware. Its main purpose is to seize your systems, encrypt your data and basically make your network devices and data unusable. Then it will present you with a ransom note that demands payment, usually in bitcoin, to release the decryption key in order to unscramble your files. Other threats may include release of data or personal information into publicly accessible Internet databases.
Ransomware can be devastating for any institution. It causes damage to devices and data, and it costs time and money to recover. It can be detrimental to your reputation. Statistics tell us that ransomware attacks are on the rise. There has been a 41 percent increase in growth since 2019. Ransomware damages are estimated to cost nearly $20 billion dollars by this year.
Powerful statistics indeed. And consider this: The most common methods of deploying ransomware include:
- Phishing emails - 67 percent
- Lack of security training - 36 percent
- Weak passwords and access management - 30 percent
But do statistics really tell the whole story? How many organizations who fall victim actually report the crime? It is possible that they are able to quietly attend to the clean up, restore files from backup, wipe the devices clean of the malware and continue business. Smaller businesses might not think they are a target, but those industries are actually represented in over 40 percent of the attacks.
To add to the victimization, ransomware-as-a-service can be purchased on the dark web for as little as $175. That's chump change when you think about the possible return on investment for the cyber crook.
The lesson to learn here is that ANYONE can be a victim. That is why you need to take the necessary precautions to limit your vulnerability. If you should suffer such a strike it, is best to have prepared ahead of time in order to quickly recover and continue business processes. An ounce of prevention...
- Have recent offline backups of critical data and processes
- Deploy segmentation in your network to prevent widespread infections
- Restrict use of administrative permissions
- Use strong and unique passwords. Implement multi-factor authentication
- End-user education is critical in helping to thwart phishing efforts to steal credentials and deploy malware
- Create an incident response plan
- Endpoint monitoring and protection
If you become a casualty...
- Immediately remove the infected device from the network.
- Isolate or shut down other systems to prevent them from infection.
- Contact your IT professionals, law enforcement and your insurance company.
- Change online and network passwords.
- Identify the variant and begin the process of searching for a decryption tool and malware removal.
- Delete registry values that have been put in place by the malware.
Fortify your systems and your staff in order to combat the ransomware demons.