Ransoms are one of the oldest means of exploitation. Taking an item of tremendous value and demanding compensation for its return is an effective, if sinister, way for criminals to get what they want.
Ransomware follows many of the same rules as more traditional forms of extortion, simply applied to the digital era. With ransomware, attackers infiltrate laptops, servers, or data centres, encrypt what they find, and render personal or corporate data inaccessible unless victims pay a ransom.
Ransomware is the fastest-growing ‘industry’ in IT security. Law enforcement can’t stop it. The IT department can’t reverse it, and unless the right steps are taken prior to an attack, all enterprises can do is pay the ransom and hope for the best.
An organisation’s best measure against ransomware is prevention, with security policies that increase internal awareness and reduce exposure.
One way to mitigate the risk of losing data is through timely, complete off-site data backups. A good backup rule of thumb is “3-2-1” – back up three copies of every file, on at least two types of media, at least one of which is offsite. With offsite backups, you can restore your files after ransomware has finished the encryption process.
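The “3-2-1” rule can be checked mechanically against a backup inventory. The following audit is an added example, not part of the original article; the inventory format, the dataset names and the seven-day freshness threshold (standing in for “timely”) are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample inventory: one record per stored copy of a dataset.
NOW = datetime(2024, 1, 10)
INVENTORY = [
    {"dataset": "finance-share", "media": "disk", "offsite": False, "taken": "2024-01-09"},
    {"dataset": "finance-share", "media": "tape", "offsite": True,  "taken": "2024-01-08"},
    {"dataset": "finance-share", "media": "disk", "offsite": False, "taken": "2024-01-09"},
    {"dataset": "hr-records",    "media": "disk", "offsite": False, "taken": "2024-01-09"},
    {"dataset": "hr-records",    "media": "disk", "offsite": False, "taken": "2024-01-09"},
    {"dataset": "hr-records",    "media": "disk", "offsite": True,  "taken": "2023-11-01"},
]

def audit_321(inventory, now, max_age_days=7):
    """Return {dataset: [findings]}; an empty list means 3-2-1 is satisfied."""
    by_dataset = {}
    for rec in inventory:
        by_dataset.setdefault(rec["dataset"], []).append(rec)

    cutoff = now - timedelta(days=max_age_days)  # assumed freshness threshold
    report = {}
    for name, copies in by_dataset.items():
        # A stale copy cannot restore recent work, so it does not count
        # towards any of the three requirements.
        fresh = [c for c in copies
                 if datetime.strptime(c["taken"], "%Y-%m-%d") >= cutoff]
        findings = []
        stale = len(copies) - len(fresh)
        if stale:
            findings.append(f"{stale} stale copy/copies ignored")
        if len(fresh) < 3:
            findings.append(f"only {len(fresh)} current copies, need 3")
        media = {c["media"] for c in fresh}
        if len(media) < 2:
            findings.append(f"only {len(media)} media type(s), need 2")
        if not any(c["offsite"] for c in fresh):
            findings.append("no current offsite copy")
        report[name] = findings
    return report

if __name__ == "__main__":
    for dataset, findings in audit_321(INVENTORY, NOW).items():
        print(dataset, "OK" if not findings else "; ".join(findings))
```

In the constructed data, `hr-records` looks compliant by copy count alone, but its only offsite copy is months old, so a restore after an attack would lose recent work.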
Another way to mitigate ransomware is through education. Despite years of warnings about suspicious emails and websites, users still fall prey. Ensure new employees are trained on ransomware during on-boarding, and that existing workers are trained as well.
Work with HR and internal communications departments to help engrain data security into the fabric of the business and tell users what kind of threats to look for, including:
Crypto-ransomware – Malware that uses strong cryptography to encrypt files, presenting victims with an alert that they must pay a ransom to decrypt their data. Some variants can jump from machine to machine within an IT network. They can also look for file shares and attached backups, and extend to web servers, debilitating business operations.
Phishing – Ransomware is typically spread through phishing emails containing malicious attachments that are triggered when clicked on. Many phishing emails have subject lines that are enticing and may seem legitimate, such as package deliveries, payroll or payments.
Drive-by downloads – Unintended downloads from infected websites that are delivered through a browser exploiting a software vulnerability on the target machine.
Malvertising – The injection of malware-laden ads onto legitimate websites. Popular sites from The New York Times to the Nikkei Stock Exchange have unwittingly carried malvertising.
USB sticks – The spreading of infected files to – and from – attachable devices such as thumb drives can infect laptops, desktops, smartphones, tablets, servers and even entire data centres. In the era of IoT, it can extend to wearables that sync with other devices, and potentially Internet-connected HVAC or lighting systems.