Ransomware 2019 attacks have been hitting the headlines, with an 89% increase in ransom demands over the last 12 months. Soft targets, with outdated infrastructure, older software and poor security culture are being exploited every day.
Here are some recent attacks making headlines.
- Lake City, Florida’s city government paid ransomware attackers about $530,000 or 42 Bitcoins, to restore access to systems.
- The City of Riviera Beach, Florida, paid ransomware attackers about $600,000.
- LaPorte County, Indiana paid over $130,000 worth of Bitcoins to ransomware hackers to regain access to part of its computer systems.
- Capital One was the victim of a massive data breach affecting approximately 100 million consumers in the United States and 6 million in Canada. The company expects to spend $100 to $150 million in customer notifications, credit monitoring, technology costs, and legal support.
- This week, Louisiana Governor John Bel Edwards activated a state of emergency in response to a wave of ransomware targeting school districts.
With targeted attacks on the increase, business owners are looking for solutions to avoid a data hostage crisis!
What is causing the Ransomware boom?
Ransomware attackers are becoming more sophisticated and targeted with the event of spear-phishing attacks. Spear-phishing is a targeted malicious email, often disguised as a legitimate user or company. The aim is to spoof the user into giving away personal and sensitive information or click on a link that contains malware.
Once the user opens the email, Malware is executed quickly, and the business-critical data is compromised and encrypted. The unknowing user is sent a ransom demand, often with payment required using a cryptocurrency like Bitcoin. Cryptocurrency is commonly used to avoid any traces back to the attacker. Once the ransom is paid, often but not always, a private key is sent to the user to recover the data.
How can a business defend against targeted Ransomware?
Unfortunately, there is no way to stop a ransomware attack entirely, but there are steps you can take to improve your defenses.
1. Annual Vulnerability Assessment
Hiring a trusted cybersecurity provider to conduct an annual vulnerability assessment is a great place to start. A vulnerability assessment is a detailed security audit of your current system. It will identify, quantify, and prioritize vulnerabilities in your network, applications, processes and people. What you ultimately gain is in-depth knowledge from your cybersecurity team with recommendations and risk analysis.
2. Annual Penetration Testing
A penetration test is an authorized attack against your IT systems by an experienced cybersecurity team. The test will identify and exploit security weaknesses to evaluate the real-world risks they pose to your business. The goal is to uncover your weakest links and determine the extent of damage a real malicious attacker could cause your business.
3. Business Continuity
Effective business continuity and disaster recovery requires a plan to enable a business to be back up and running quickly. The best way to improve your business continuity is by regularly backing up your data. Ensure backups are not permanently connected to the computers and networks they are backing up. Consider using a cloud-based backup solution, alongside on-site and co-location services.
4 Security Culture
Cybersecurity is everyone’s business, from the CEO to the administrators, a sound security culture will decrease the chances of a successful ransomware attack. An excellent place to begin is with an education strategy, including all employees, to creating awareness. All employees are potential targets and should be aware of the threat of Ransomware and the ways it’s delivered.
Hiring a cybersecurity team to deploy the following techniques will greatly improve your security culture.
- Awareness Training
If all staff members are aware of potential threats, they will take a more defensive approach and be better equipped to spot a rogue email.
- Communication & Acknowledgment
Empower your team to talk if they suspect a rogue email or if they open one to report it immediately.
- Acceptable use policies and rules
Deploy cybersecurity adherence policies for all employees, including a framework for staff violations and consequences.
- Sensitive Data Policy frameworks
Deploy clear policies and procedures regarding confidential data and take a zero trust-based approach. Restrict access by privileged users to specific systems, creating a safety zone around your business-critical data.
The recent increase of ransomware attacks shows how quickly the cyber threat landscape can change. Experts warn that attackers are growing in confidence and number, as crippled companies choose to pay to get their data back. Keeping your data safe requires a multilayered approach from a trusted and experienced cybersecurity team like Simply Secure.
The experts at Simply Secure are industry certified professionals, delivering cybersecurity solutions in the Miami – Fort Lauderdale area.