By Sharon Knowles, CEO, DaVinci CyberSecurity
Various strains of ransomware have been around for a decade, and, just like the COVID-19 virus, threat actors have altered and changed the strains to make their attacks more successful. Ransomware is a particularly devious form of cyber hacking as it makes use of more innocent looking methods such as opening an infected file or clicking on an offer on a website to launch its virus. Once done, it encrypts critical files on the network and locks everyone out until a ransom is paid. Ransomware is just another way to extort money from organizations and a majority of ransomware is human-operated. While the methods of ransomware are continually evolving, there are now a lot of actions that companies can take to assist in protecting their world from being destroyed.
Learning from the Exploited
Ransomware isn’t going to go away, in fact, threat actors are increasing their attacks and the methods that they use. One of the most interesting discoveries is that many companies that have had ransomware attacks don’t fix their vulnerabilities. In a survey conducted by O’Reilly Media involving 950 participants, of the 6% admitted to a direct ransomware attack but only 48% had any practice in backup restoration practices, even though 70% indicated that they did perform regular backups. Questions may be posed as to whether or not companies are really knowledgeable on the true needs involved in protecting from a ransomware attack to avoid paying the ransom.
Ransomware Attackers Come Out of Hiding
Organizations have to recognize that where once the cybercriminals hid in the shadows they are now often out in the open. In some cases, these threat actors are even state-sponsored and ransomware is now big business. Techniques being used are a lot more sophisticated, Bitcoin payments are almost impossible to trace to the payee, and some of the ransomware groups have even designed dashboards to track their attacks and offer reports. To combat these practices companies need to know that they must have critical tools that are even more sophisticated than the attackers.
Ransomware Goes Beyond the Ransom
While it is bad enough the billions are paid globally due to ransomware attacks, cyber hackers are once again returning to their roots in theft of proprietary information from a company. They are using the organization’s down time while being encrypted to grab as much information as they can. This data is then taken to locations such as the dark net and sold to the unscrupulous. Even if a company pays the ransom they may discover that all of their own data and that of their clients has been breached.
It Requires a Professional for Good Cyber Hygiene
Even the best IT Department can’t often keep up with the ever-changing actions of cyber criminals. To protect against cyberattacks of all kinds organizations need to bring in cyber security specialists. These professionals will establish a “good cyber hygiene” analysis, advise on changes needed such as upgrading firewalls, password authentication, and alternating multiple backups. In today’s business world it’s imperative to train and educate staff to recognize potential breach attempts as they are often on the front lines.
About the author
Based in South Africa, Sharon Knowles is CEO of DaVinci Cybersecurity, which specialises in working with all business sizes to help to ensure their cyber safety. DaVinci Cybersecurity performs risk analysis and threat levels, advises on crucial access levels, helps to establish full restoration practices, trains your staff, and more. Protecting your company from cyber hackers is part of the cost of doing business today.”
Sources:
https://docs.microsoft.com/en-us/security/compass/human-operated-ransomware
