If you follow information security news even casually, you might have noticed that ransomware is showing up in more and more of the headlines. Ransomware has been around for a while, but recently it’s been garnering a lot of attention. Here are a few reasons why it’s causing widespread concern.
Attack vectors have become more expansive. While many attacks still need users to open malicious attachments or click links, this is no longer a requirement. With the advent of malvertising, comes the threat that any website you visit that serves up ads might contain malware. By exploiting browser and plugin vulnerabilities, these malicious ads can compromise your system, installing ransomware or other malware. Exploit kits, like the popular Angler exploit kit, now provide support for ransomware, making it easier for hackers to deploy their malicious payload to large audiences across the web, even on mainstream websites.
The impact can be devastating and immediate. While many other types of malware, such as Trojans, keyloggers, and other malicious programs can hide undetected, ransomware is different and has a more immediate and urgent impact for the user. While some malware hides and does not interfere with the user’s access to data, ransomware will immediately make itself known. Once your computer has been encrypted, you immediately lose all access to all files and there are limited options for recovery.
The first option is completely wiping the computer and reinstalling everything. This assumes that you have made backups and have a plan in place to rapidly recover data. If you don’t have backups of your data available and it is critical data, you may have to consider paying the ransom (as the FBI has previously advised).
More attacks have been publicly disclosed. News has recently focused on targeted ransomware attacks where organizations have been forced to yield to the cyber criminals’ demands. Hospitals have been increasingly targeted as the data and systems are often critical to life and death situations, adding urgency to the attackers' demands. Schools have also been targeted for attacks. A number of these organizations have had to pay ransoms to release their data, translating to successful paydays for attackers. As long as the practice continues to be profitable for the attackers, the ransomware threat is likely to persist.
What can be done to mitigate the risks? Check out the list of ways to avoid becoming the victim of ransomware we recently posted. Highlights include data backup and recovery initiatives combined with a strong overall security program that combines security monitoring and vulnerability management to bolster your security posture. If your organization struggles with limited time, budget, and resources to implement these types of security measures on your own, EiQ may be able to help.
EiQ’s SOCVue® Security Monitoring service includes 24x7x365 monitoring of your environment by EiQ’s trained security professionals. The EiQ Security Operations Center (SOC) team will analyze event data from across your IT assets and provide timely notification of any security incidents along with remediation guidance.
EiQ's SOCVue Vulnerability Management service provides cutting-edge vulnerability assessment technology, along with an extended security team, to effectively analyze vulnerabilities and track the remediation process.
More and more, organizations who were previously understaffed, underbudgeted, and overwhelmed are finding that EiQ’s hybrid SaaS security services that combine the best people, process, and technology are a welcome change from going it alone. EiQ is transforming how mid-market organizations build enterprise-class security programs. Acting as an extension of our customers’ IT teams, EiQ’s SOCVue provides continuous security operations based on best-of-breed technology at a fraction of the cost of alternative solutions. EiQ is a trusted advisor to organizations that need to improve their IT security and compliance posture by protecting their infrastructure against cyber threats and vulnerabilities. To learn more, please request a demo today!