Ransomware is out of control in 2016! Ransomware, as defined by Wikipedia, “is a type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the cybercriminal to remove the restriction. Some forms of ransomware systematically encrypt files on the system's hard drive, which become impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying.”
Unless you’ve prepared for this type of cyber attack, you’re at the mercy of the cybercriminal. It’s nearly impossible to crack the hacker’s encryption key and most organizations either have to cut their losses on the compromised device by decommissioning it or begrudgingly pay up.
One of the main reasons why ransomware has been growing in 2016 is due to the fact that start-up costs for a ransomware business are minimal. Hackers are able write their own malicious code or buy ransomware-as-a-service on the black market. It requires minimal investment, there is relatively low risk involved, and the returns are potentially massive if they’re able to attack the right target. According to an FBI official quoted in a CNBC article, “Last year alone there was a reported loss of more than $24 million as a result of ransomware attacks.”
In that same article, Matt Devost, CEO of FusionX, a unit of Accenture, states that the “most lucrative potential victims have a specific set of characteristics. They will typically hold critical information and infrastructure, have weak and vulnerable security programs that can easily be exploited, and have the ability to pay the ransom. Small- to medium-sized U.S. hospitals have proven to be a sweet spot in ransomware in 2016 because they often have a poor security infrastructure in place and are willing to pay to retrieve patient data, get back online quickly, and prevent reputational damage.”
This article from Naked Security by Sophos discusses 8 tips for preventing ransomware, but we’ve picked the top five tips that we believed to be the most effective:
Perform backups of your files on a regular basis
Regular backups are the easiest way to protect your data against ransomware cyber attacks. You can even take extra steps to guard your data by encrypting the backed-up data so only you can restore it. The benefits of this preventative action is that if you have a device that does become compromised, you can cut your losses with minimal financial loss other than the cost of the device itself.
Avoid unnecessary prolonged Admin login access
It’s a best practice to never stay logged in as an Admin any longer than needed. While you’re in Admin mode, be sure to avoid unnecessary activities that can be performed with your regular login access. Furthermore, when logged in as an Admin, you should get in and get out because the longer you remain logged in, the longer your digital paper trail becomes, which hackers can easily use to their advantage.
Educate every employee on ways to detect and avoid opening suspect attachments
Over the past few months, a majority of the Windows ransomware has been embedded in documents and attachments distributed as an email throughout the entire organization. Sadly, this is still one of the most effective ways cybercriminals get into your network
Invest in a vulnerability management service that allows unlimited scans of your IT assets
Having a reliable vulnerability management service in your corner that helps reduce your attack surface is one of the most powerful defenses you can take against cyber attacks. Regular scanning of critical IT systems for known vulnerabilities will allow you to stay on top of and sometimes even ahead of the latest vulnerabilities
Patch all your vulnerabilities as soon as possible
Malware often relies on bugs in software and applications that can be easily exploited. When you quickly apply security patches, you give cybercriminals less opportunity for injecting ransomware into your IT assets.
Is Your Organization Ready to Battle Cyber Attacks?
Find out with EiQ’s free, 10-question cyber security readiness assessment! Sign up now to see how prepared you are to identify threats and vulnerabilities, mitigate risks, and enable compliance.