Ransomware is a flourishing IT threat, and one that can cost organizations thousands of dollars in lost data, ransomware repayments and security breaches. According to Marcin Kleczynski, the CEO of cybersecurity company Malwarebytes, "In the last six to 12 months, [ransomware] has just gone so aggressively to the business environment. We see companies from 25 people all the way to 250,000 people getting hit with ransomware."
Since attackers aren’t targeting a specific type of enterprise, any organization can be hit without warning. The best way to prevent an attack is to understand the full scope of the threat and prepare yourself accordingly; read on for what you need to know about ransomware.
What is Ransomware?
According to an infographic from Wombat Security, ransomware is, “A type of malicious software (malware) that blocks access to a device or data until a ransom is paid.” Often, payments are orchestrated via bitcoin or virtual cryptocurrency, since these payments are not regulated like regular cash transactions and can be much harder for the government to trace. Once a piece of ransomware infects a computer, it begins an encryption process which locks the user out of the device and removes the files from access until the ransom is paid. Once a payment is complete, the user is given a digital key which can unlock the system.
It’s estimated that there have been an average of 4,000 daily ransomware attacks since early 2015 and by the end of this year, the cost of such an attack could reach $1 billion. Every organization should have a contingency plan in place not only in case of an attack, but also a robust security strategy employed year-round that can prevent and mitigate the threat. The following three tips can help.
1. Take a Proactive Approach Rather than a Reactive one
There are several ways to prevent the likelihood of a ransomware attack; these are crucial steps to take since once a piece of malware infiltrates the system, it may be too late. Be sure to:
- Stay up to date on all software updates, patches and vulnerabilities
- Avoid unknown links; don’t click on ads or visit strange websites
- Open email only from trusted senders
- Execute frequent system backups
- Run anti-virus protection programs
- Employ a firewall as a first line of defense
- Avoid downloading files unless you trust the sender
2. Outsmart the Attackers by Segmenting Your Network
Ransomware can’t affect data it can’t find, so network segmentation is a viable security strategy in case malware does breach the network. The Open Web Application Security Project (OWASP) notes in their Cloud Top Ten Security Risks that security for shared technology and multi-tenant environments should focus primarily on the logical segregation of customer environments. For instance, security managers should:
- Identify if enterprise data is mingled with data from other customers in tables or backups, making it difficult or impossible to properly archive or destroy.
- Ask their cloud provider to ensure that all customers hosted on the same physical server maintain a similar security posture, so attackers can’t enter through the weaker customer’s cloud and leak into the more secure enterprise’s cloud.
3. Focus on Backups
Backups can often remove the financial incentive for hackers to hold your data ransom; if you back up your organization’s data and information, you’ll still have access to it in case of a ransomware attack. While this can protect you from having to pay hefty fees to retrieve the data from malicious criminals, it shouldn’t be your first line of defense.
When backing up your data, be sure you are working smarter, not harder. Often, enterprises spend time unnecessarily backing up every piece of information they have when their time could be better spent focusing on the most crucial business records.
When you deploy these tips, it is less likely that your organization will be hit by a ransomware attack. To improve your enterprise's security strategy, contact us today for a security and threat prevention assessment.