How Organizations Must Protect Themselves from Ransomware Attacks

When one thinks of cybercrime, it can be easy to imagine a mysterious figure in a dimly lit room sending out various phishing emails to unsuspecting victims. However, this is not always the most dangerous tactic used by hackers, according to the United Kingdom (UK) Government Communications Headquarters’ (GCHQ’s) cybersecurity arm.

On June 14, the UK National Cyber Security Centre claimed that ransomware represented the biggest threat to online security for most people and businesses, with the number of incidents soaring worldwide in the last two years.

And it is a problem and a threat that we must all be wary of.

Why Ransomware Attacks are on the Rise

These attacks typically involve hackers gaining access to an organization’s systems, encrypting data and files, and demanding payment for their release. It is a tactic that cybercriminals have employed for years, but the practice is now becoming increasingly “professionalized”.

According to the National Cyber Security Centre, criminal gangs are using ransomware to generate tens of millions of pounds from businesses that cannot afford to lose their data or suffer the downtime caused by a breach. Part of this “professionalization” involves organized gangs scouting their targets and tailoring their demands to the size of the target. For instance, there are examples of small firms or individuals being targeted with ransom demands of just £1,500, which can be affordable in such circumstances. Essentially, some organized crime gangs adopt the business principle of “marginal willingness to pay” to set their demands at amounts that are more likely to be settled than fought.

That being said, many of the targets are large businesses with deep pockets. These companies are attractive targets due to their scale: they may be able to meet higher ransom demands, and they may be more inclined to pay given that they could stand to lose huge amounts of money from downtime and the repercussions of information exposure. It is important to point out that the advice remains that such demands should not be paid, but we must acknowledge that some believe that it is the best solution.

Organized gangs are even reinvesting the funds that they earn from successful attacks to enhance their methods and increase their future profitability, acting in ways that match modern legitimate businesses to maximize the return on their investments. This means that the threat of ransomware attacks is not going to go away anytime soon, if at all.

How Ransomware Attacks Destabilize an Organization

Travelex – a provider of foreign exchange services – reportedly paid $2.3 million last year to regain control after hackers shut down its networks. The effects of this were devastating – with the company eventually falling into administration, resulting in the loss of 1,300 jobs.

More recently, JBS – the world’s largest meat processing company – and Colonial Pipeline – a US oil network – suffered ransomware attacks, with the latter reportedly paying a £3.1 million ransom.

In the Colonial Pipeline attack, the U.S. Government was able to recover a large proportion of the money, but the willingness of Colonial Pipeline to pay the ransom after the attack is an example of a business favoring a potentially cheaper ransom payment over the significant operational cost that can be caused by systems being out of action.

It is also important to remember that paying a ransom demand does not necessarily mean that the criminal gangs will honor any promises to erase captured data or restore systems in full.

How Businesses can Protect Themselves from Ransomware

All businesses must prepare and protect themselves from a ransomware attack, particularly those that store and process sensitive information like medical data and financial details, as these organizations can be more attractive targets for hackers.

First and foremost, organizations must deploy professional and market-leading cybersecurity software and employ internal and external experts to help to prevent attacks. This goes hand-in-hand with the enforcement of robust cybersecurity procedures such as multi-factor authentication, and enforcing strong and unique passwords, to prevent any weaknesses. Any defense is, after all, only as good as its weakest link. Organizations must also have a robust backup strategy to protect themselves from the impact caused by ransomware attacks, as this could allow for the smoothest return to operations as soon as possible. Regularly backing up data and storing it in a separate system or offline can help to minimize the impact of a hack.

Further, employee education is a powerful weapon in the arsenal against ransomware. Training employees to recognize social engineering techniques, to avoid clickbait, and to steer clear of attachments from unknown senders are simple ways that can help to prevent hackers from gaining access to a system via rudimentary methods. Training for this could be provided by an expert organization. Although this is an expense, it will likely be a minuscule amount when compared to the ransom demanded by hackers, and the cost of any legal action and fines brought should personal information be exposed.

Once a hacker has encrypted data, it may seem like the only viable option available might be to pay to regain access lest the company risk losing the data and suffering downtime. But organizations that prevent and remove the risks which make them more attractive targets will be the most effective in combating hackers.

Failing to Prepare is Preparing to Fail

Ransomware attacks are on the rise around the world, with hackers motivated by the fact that many organizations prefer to pay the ransom instead of losing their data and destabilizing their operations. However, just because attacks are on the rise, it does not mean that we are all defenseless against ransomware. As with all cybersecurity, failing to prepare is preparing to fail. Organizations must deploy proper cybersecurity measures, ensure they employ experts and properly train their staff, and backup their data to prevent financial devastation and reputational ruin.

Image Source: Deposit Photos
Image ID:186938708
Copyright:AndreyPopov