Business Library

Ransomware is Big Global Business

Rick Cobello - President | Global Cybersecurity Solutions, LLC

“The FBI reports that ransomware attacks were up 20% in 2020, and even more tellingly, ransom demands rose 225%. And, according to an annual report on global cybersecurity, there were a total of 304 million ransomware attacks in 2020, a 62% increase from a year prior.”

The approach is straightforward: attackers target a company with malware which encrypts their data, then send a request for money, usually in the form of cryptocurrency. If  a company refuses to pay the ransom fee, their data will remain encrypted and inaccessible and the business will face the gap in business continuity.

There is the potential for huge financial and reputational damage that could decimate a large or small company.

Victims range from small business to huge organizations  and protecting data against ransomware is as essential as physically protecting your premises from criminals.

Here are a few things you can do to ensure that you are successfully protected against ransomware.

Don’t forget the backups

A comprehensive backup plan is the first priority to prevent a ransomware attack.

Saving previous version could make it possible to avoid paying the ransom and resume normal operations. But beware. Ransomware is becoming increasingly sophisticated. Many new viruses are designed to seek out backups and encrypt those as well.

A company should have multiple back up solutions in addition to local backups. A cloud based backup is essential for maintaining continuity of business if a ransomware attack.

Don’t Forget the Training Plan

Employees  in your organization are a potential access point for malware. Human error is one of the largest cause of malware and ransomware.

“Colonial Pipeline was attacked with a ransomware variant from the Ransomware as a Service (RaaS) group DarkSide, causing Colonial Pipeline to take certain systems offline, halting pipeline operations which transport approximately 100 million gallons of fuel daily to 14 states from Texas to New York.”

This was most likely caused by  fake emails and corrupted attachments.  Your business should encourage a culture of awareness and attention to the origin of any suspicious attachments. Vigorous procedures for employees to follow when they think they might have exposed a device to malware should be developed. A rapid  response could potentially quarantine the machine in question and save thousands of dollars in damages.

Don’t Forget the Updates

There are many reasons to keep the operating systems, browsers and plugins up-to-date. Ransomware prevention is just one of them.

Many ransomware attackers gain entry to a system via weaknesses inherent in out-of-date plugins and other technical components. Mandatory  updates can assist businesses to stay ahead of the criminals and keep your sensitive data secure. A comprehensive monitoring system for any size business is critical for maintain the proper level of updates and patches.

Don’t Forget Protection

Every computer, even personal devices used for work purposes in your organization should have malware protection software. Remote computers attached to the company network should also receive protection. While no program can prevent every single attack, most will be able to guard against a comprehensive set common exploits. Again, a monitoring methodology for the computers on the local network is essential for identifying malware and ransomware attacks.

How to Act in Response to a Ransomware Attack

Paying the ransom might seem like the most sensible course of action, but there have been numerous cases in which doing so didn’t yield a decryption key. If that happens, you’ve only added an extra cost to an already-expensive situation.

An expert might be able to help you mitigate the damage, but it is vastly preferable to avoid attacks in the first place.

The time to act is now… protect your data  and company intellectual assets and ensure that your company doesn’t end up on the long list of ransomware victims…

Protection is the Best Prevention…

“Keeping an Eye on Your Security”