The Growing Threat of Ransomware

Brian Wallace, President of NowSourcing and a columnist for Grit Daily and CommPRO, offers us insights into the growing peril of computer systems being hijacked by third parties in what is known as ransomware attacks. If unfamiliar with this term, it refers to software surreptitiously placed on computers or networks to block users from gaining access to their systems. In return for payment of a ransom, the hijacker of the system unlocks it. Brian has also included an interesting infographic. As always your comments are welcome and appreciated.

In recent years, ransomware attacks have impacted organizations of all sizes and threatened the economy, commerce, and public institutions such as hospitals around the world. In a growing trend of attacks, ransomware gangs are encrypting backup files before encrypting live systems, greatly increasing the difficulty of system owners to recover control of their computers and files without paying.

With the year 2021 coming to an end organizations have already spent $20 billion to deal with ransomware attacks. According to recent reports, these cyberattacks have risen 400% since the COVID-19 pandemic started. Average recovery costs in 2021 have reached nearly $2 million per business and recent projections predict that 75% of organizations will face attacks over the next five years. During and after COVID-19, ransomware gangs are expected to continue attacking organizations and represent a continuous and growing threat. 

Malware (malicious software), such as ransomware, makes files and systems inaccessible for users, rendering them unusable. Historically, businesses were able to restore their networks and files by using backups, but attackers have begun encrypting backups before actual working files.

So in order to defend your company against ransomware, your first line of defence is understanding how attackers access your system infrastructure. Simply, they exploit human error to gain access to sensitive information. In order to mitigate human error, therefore, it’s paramount to educate employees and implement cyber hygiene practices, as well as hire highly trained cybersecurity analysts to provide 24/7 monitoring.

Here are the top three ways to protect an organization from ransomware attacks. 

1. Understand your organization’s risks. This requires identifying and managing vulnerabilities. Assess your current network, infrastructure, and digital landscape. This will identify security gaps that you need to fill. Invest in comprehensive security reporting, vulnerability assessment and penetration testing to help efforts to reduce ransomware attacks and other vulnerabilities that need patches.
2. Eliminate your blind spots by reviewing the monitoring of networks and devices, logs, and cloud infrastructure. To achieve cybersecurity maturity, use a holistic managed detection and response (MDR) service, and for real-time monitoring and mitigation, a 24/7 security operations center (SOC). Ensure that all endpoints are covered. That includes smartphones, laptops, tablets, and other devices that often are exposed when taken outside the organization’s safety perimeter.
3. Plan an incident response to ransomware as essential in minimizing losses, preventing future attacks, and responding to threats. To scope, investigate, and orchestrate activities after an incident, you need an incident response plan that includes responders, handlers, and forensic and malware specialists.

Ransomware attacks are getting more sophisticated by the day. To combat such cyber threats, you’ll need to strike the right balance of socially engineering employees, implementing expertise, and arming your organization with the technologies that can support the effort.