Last month I wrote about the importance of business continuity through data backup. The worst is not over yet. Here’s why:
New threats are appearing on a daily basis, and attackers are continuously evolving their techniques. If you also put into perspective what we are experiencing in the United Arab Emirates, with Expo 2020, Driverless Cars, and the Government’s speed of Digital Transformation, the UAE in general, and businesses in the UAE are high targets for Ransomware attacks. Here is how it all stacks up:
- 54% of companies experienced one or more successful attacks that compromised data and/or IT infrastructure. .
- 77% of those attacks utilized exploits of file-less techniques. (the old days of malicious executables are gone as new attack tools and frameworks continue to lower the barrier to entry). One could argue that up to a third of all attacks are projected to utilize file-less techniques in 2018. .
- Emails are now increasingly used by hackers, and it is estimated that 1 in every 131 emails, contain a malware.
- There is a ransomware attack every 40 seconds .
Ransomware is no longer a buzzword and is the latest method of cyber extortion for financial gain that we are hearing about on a daily basis here in the UAE. Ransomware is a type of malware injected into corporate networks by cyber criminals, which prevents users from interacting with their files, applications or systems until a ransom is paid. This is typically in the form of an anonymous currency such as Bitcoin, which is most recently seen by the University of Calgary who had to pay up to $20,000 to wrestle back access to files locked away by malware. The university's email, Skype, wireless networks and other services were targeted by the malware infection.
In recent times, individual computer and mobile device users have long been the unfortunate recipients of ransomware and now the threat has expanded. Ransomware has gained publicity in recent months through media coverage of the numerous ransomware attacks against organizations, which we have seen through hospitals. Cyber criminals have been progressively turning to industries such as healthcare, universities and law firms that possess critical data but may have limited investment in cyber security. Hospital budgets are often allocated towards surgery wards, emergency care and supplies for a large number of patients – not cyber security. This is an easy target for cyber criminals since hospitals cannot operate without the necessary patient data stored in their systems.
What can you do to evade a ransomware attack?
As dangerous as ransomware is, simply being aware and remaining updated with the latest ransomware trends can go a long way in securing your data and systems. Here are some of our top tips on how you can secure yourself from a possible attack.
- The solution for ransomware is fairly simple and is your best defense. Back-up, Back-up, Back-up. Check out our Microsoft Azure package for more details for data security and peace of mind.
- Use a secure mail gateway, as Ransomware often hides itself in legitimate looking email attachments, often spoofed from email addresses of people you know. Even then scrutinize you incoming mails. If you are not 100% confident about opening an attachment, do not open it. To be on the safe side, you can check the source sites credibility through Trend Micro.
- Deploy a layered approach to security by utilizing technologies such as antivirus, web filtering and firewalls. This might not prevent the ransomware completely but will delay the process till you hopefully detect the problem.
- Personalize your anti-spam settings the correct way. Most ransomware variants are known to be spreading via eye-catching emails that contain malware attachments.
- Make sure you disable file sharing, so the infection will stay isolated to your machine only or try (deleted) disabling remote services. Otherwise, the threat could rapidly propagate across your network.
- Immediately disconnect from Wi-Fi and your network if you download a file that you suspect. If quick enough, you could delay the communication with the server before it finishes encrypting your files.
There are whispers that some companies have even been stocking up on bitcoins in the event they are targeted but paying the ransom only encourages attackers to develop more advanced ransomware. DO NOT PAY…
Most organizations would see a defense in-depth strategy being the likely solution, this however does have its flaws as it can see point solutions protecting specific areas of concern on the network. With the introduction of next generation firewalls, organization offer a consolidated joint up approach which will offer protection against all of these point solutions in one single enterprise platform.
Focus on a solution that provides prevention. Key to all of this is that if you are looking at a solution, choose a company that focuses on the known and more importantly the unknown malware. To conclude, tighten security measures, ensure you have up-to-date software, use best practices and clean, protected backup data. Organizations should evaluate backup strategies regularly and test those backups to ensure that recovery is successful which is what we provide here at Media Solutions.
 source: Barkley.com
 Source: Symantec
 Source: Kaspersky