Ransomware – How Business Leaders and Their Employees Can Stop It
Ramon Ray
Contributed by Shridar Subramanian, CMO of Arcserve. He has nearly 25 years of experience in information technology.
Ransomware is now one of the most potentially damaging — and prevalent — types of malware. With this lucrative crime, hackers break into a firm’s computer system, encrypting the data, which they will only release for a fee.
Just look at the Colonial Pipeline ransomware attack that took down the largest fuel pipeline in the U.S. and temporarily caused fuel shortages up and down the East Coast. Colonial Pipeline CEO Joseph Blount admitted that his company paid hackers nearly $5 million in ransom just a day after discovering malware on its systems.
In the recent evolution of ransomware applications, cybercriminals will also steal information during an attack. They will then threaten to publish this information on leak sites on the dark web or sell it, increasing the pressure for victims to pay the ransom.
Cybersecurity Ventures predicts that ransomware damage costs will exceed $265 billion by 2031, with attacks on businesses, consumers, or devices occurring every two seconds. Their projection for 2021: $20 billion in costs, a 57x leap from 2015.
While businesses should do everything they can on the technology front to prevent ransomware and malware, people are, unfortunately, a big part of the problem. Verizon’s 2021 Data Breach Investigations Report says that 60 percent of ransomware cases in its study involved direct install or installation through desktop apps. The rest of the vectors were split between email, network propagation, and downloads triggered by other malware.
Humans are the common factor among many of these attacks, and the report says that 85 percent of breaches result in the loss of credentials. While a large enterprise may have the means to survive an attack, many small businesses may be forced out of business due to ransomware’s impacts. Large or small, every organization should do everything it can to protect its data and prevent ransomware.
Everyone Has a Role to Play in Fighting Ransomware
There are all kinds of scams that hackers use to sneak ransomware onto devices and networks. And these scams are constantly evolving. That’s why everyone in the organization must understand what they can do to prevent ransomware. Here are some areas to consider:
Train Employees to Spot Scams
Educate employees with regular cybersecurity awareness and training programs. Training should include recognizing potential threats, the latest news and guidance on new and existing threats, and how to respond to an actual or potential threat. It’s important to maintain awareness throughout the company with regular bulletins, updates, and tips.
Reinforce (and Enforce) Company Policies
Set policies regarding confidentiality of user credentials, even for IT and security personnel. These policies should include strong password and authentication requirements. Make sure your employees understand these policies—and the reasons they exist—and adhere to them so they can do their part in ransomware prevention.
Use Software as a Service for Applications
Using applications that are company-sanctioned can go a long way toward preventing ransomware. That’s especially true when it comes to using file-sharing applications instead of email attachments. This strategy mitigates or potentially eliminates malicious attachment phishing attacks.
Talk About Macros
Users unfamiliar with macros in Microsoft 365 and Adobe PDF documents may automatically click an “enable macros” button in a malicious attachment. That would be a colossal mistake, opening the door for ransomware. There has been a rise in document-based malware, where malicious documents behave much like executable programs, including the ability to run processes and install other code on your systems. It’s also worth considering non-native document rendering for PDF and Microsoft 365 files in the cloud, so that users never open such files in desktop applications that may have unpatched vulnerabilities ripe for exploitation.
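One defensive check that follows from this section is to flag attachments that can carry Office macros before they reach a user’s inbox. The following is an added example, not code from the article or from Arcserve; it builds constructed sample documents in memory and assumes a simple three-way verdict (macro, legacy, clean) that a mail gateway or help desk could act on.

```python
"""Flag attachments that can carry Office macros (added example, constructed input)."""
import io
import zipfile

# Magic bytes of the OLE2 compound file used by legacy .doc/.xls/.ppt containers.
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
# Strings that appear in [Content_Types].xml when a package declares VBA content.
MACRO_CONTENT_TYPES = ("macroEnabled", "vbaProject")


def office_macro_risk(data: bytes) -> str:
    """Return 'macro', 'legacy' or 'clean' for one attachment blob."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary formats can embed VBA without an easy-to-spot marker,
        # so they are routed to deeper inspection rather than passed through.
        return "legacy"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            # Modern OOXML packages store VBA in a vbaProject.bin part.
            if any(name.endswith("vbaProject.bin") for name in names):
                return "macro"
            if "[Content_Types].xml" in names:
                ctypes = zf.read("[Content_Types].xml").decode("utf-8", "replace")
                if any(marker in ctypes for marker in MACRO_CONTENT_TYPES):
                    return "macro"
    except zipfile.BadZipFile:
        pass  # Not a ZIP container (e.g. PDF, plain text): no OOXML macro risk.
    return "clean"


def build_sample_docx(with_macro: bool) -> bytes:
    """Construct a minimal OOXML package in memory (sample input, not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"\x00constructed-vba-stream")
    return buf.getvalue()


def quarantine_list(attachments):
    """Return the names of attachments that should not reach the user unreviewed."""
    return [name for name, blob in attachments if office_macro_risk(blob) != "clean"]
```

The extension is deliberately ignored: a renamed .docm still contains the vbaProject.bin part, so the verdict comes from the container, not the filename.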
Make Incident Reporting Easy
No one wants to be the person who clicks on a malicious attachment or link. It would be easy to beat yourself up if you’re the one, and tempting to avoid the embarrassment that comes with reporting it. That’s why employees must understand that they—and everyone they work with—are the victims in these cases. Everyone should feel comfortable reporting any security incident. So put simple, clear reporting procedures in place.
Physical Security Matters, Too
Make sure that everyone understands the company’s security policies with regard to facilities and devices, too. A lost or stolen laptop that lacks a login password is an open invitation to access the network. And stolen credentials in the hands of a hacker can only lead to disaster. Devices, badges, and credentials must always be kept secure.
Plan for Recovery
There isn’t a way to be 100 percent certain that you are safe from a ransomware attack. Ultimately, the best defense is to ensure you can recover if it happens, and that starts with backup and disaster recovery planning and solutions.