Effective ways to reduce risk of ransomware attacks

Within the last few months high profile ransomware attacks are making headlines around the globe. Recent cyber-attacks that have used ransomware as their attack route include attacks perpetrated against the Colonial Pipeline and JBS (the world’s largest meatpacker) resulting in a combined payment of $15.6M.  These large attacks are serious and examples of the threats businesses face every day.

What is Ransomware?

Ransomware is a dangerous form of malware that infiltrates devices taking hostage a business’s information by encrypting it.  It encrypts or locks the victim’s data. Attackers then demand a ransom in exchange for a unique key to decrypt or unlock the files. Like all malware, a ransomware attack starts when a malicious payload enters the system, which typically happens via:

  • A malicious link or attachment.
  • An ad that leads to a website with an exploit kit.
  • A worm that exploits a system weakness.
  • An infected piece of hardware.

As large organizations make the headlines, small and medium size businesses are dealing with a even harsher reality.  All organizations regardless of size are susceptible to attacks as the average ransom payment has increased gradually over the years.  Sophos, a global leader in next-generation cybersecurity, recently announced the findings of its global survey, “The State of Ransomware 2021,” which reveals that the average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021. The average ransom paid is $170,404.

While smaller dollar values may seem insignificant for larger businesses, ransom attacks can be crippling for smaller businesses that cannot afford to lose their data. Especially as hackers tend to duplicate successful attacks and hit victims over and over again.

Some hackers even corrupt and delete a company’s files while they await the ransom payment, just to show that they’re serious. Regardless of the cyber criminal’s ultimate actions, the actual cost of ransomware goes beyond just the payout.

Digital extortion by hackers ultimately inflicts more monetary damage than what the hackers may take in from an attack. A ransomware attack can also:

  • Hurt the relationship with partners and customers.
  • Disrupt operations and supply chains.
  • Cripple IT services for weeks
  • Lead to the leakage of sensitive customer information

Best practices to reduce your cyber risk from a ransomware attack.

  • Keep your applications and operating systems up to date

Keeping your system and programs up to date is one of the most effective ways to reduce the impact of a ransomware infection. Staying up to date on your security updates fixes vulnerabilities that cyber criminals cannot exploit and use as a mechanism to launch the cyber attack.

  • Reputable and Feature Rich Endpoint Security

One of the most important ways to stop ransomware is to have a reputable and feature rich endpoint security solution. These solutions are installed on your devices. They reduce the risk of  malware infecting your systems. More endpoint security solutions are now built with forensic investigative capabilities. This provides valuable evidence on how a system was compromised including the criminal’s activity during the compromise.

These solutions can help protect against malicious downloads and can alert users when they are visiting risky websites. These systems are not guaranteed to be 100% effective as cybercriminals are always trying to create new pieces of malware that can get around the security tools, but endpoint security is a crucial step in strong protection against malware.

  • Security Awareness Training

Training your employees in cyber security and making them more aware is significant. Over 80% of all attacks are caused by the actions of employees. Things like phishing emails are one of the most common ways for a data breach. By tricking users into clicking or opening an attachment that is full of malware is how cyber criminals gain access to sensitive information. Examples of sound training topics are:

  • Ransomware
  • Phishing
  • Social Engineering
  • Privacy
  • Physical and Environmental Controls (Clean Desk Policies)
  • Social Networking Dangers
  • Test Your Systems Regularly

Risk or Gap assessments enable you to check your systems for weaknesses. These tests inspect the IT environments for potential exploits, such as:

  • System misconfigurations.
  • Issues in staff behavior.
  • Weaknesses that allow the setup of backdoor programs.
  • Flaws in account privileges.
  • Problems with authentication mechanisms.
  • Unpatched firewalls, apps, and OSs.
  • Weak passwords.

Lastly the worst thing your organization can do is nothing, protecting against ransomware is a critical issue for all organizations regardless of size, and these best practices are only the start of building a mature and resilient cybersecurity posture.  It is important to remember that you cannot focus on a single piece of defense; you need a comprehensive cybersecurity program that enables you to identify, prevent, detect, respond, and recover from threats. Protecting your brand against ransomware can feel overwhelming, contact us for information and help to reduce the risks of these attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top