2018 is being welcomed as a year when data protection and network security are going to play more important roles than ever. Ransomware is the latest but not newest threat to cyber security that has given many a CTOs and CIOs, the proverbial sleepless nights. With WannaCry and Petya being the latest entrants in their dubious arena, the losses due to ransomware has mounted to billions of dollars. This is not including the downtime of the service, the loss of customers and the general damage of reputation that businesses have to contend with. Ransomware continues to grow at an alarming pace and in 2016
alone, the figures said that in every 40 seconds, a company gets hit with some form of ransomware with such worrying news around, we decided to put together some trends and precautions to help you in this battle.
The 5 worrying trends of ransomware:
1) Businesses will be targeted more than individuals
Businesses can pay higher ransoms, which is the prime objective of ransomware attackers. Businesses also have a wealth of information that can fetch lucrative prices in other circles as well.
2) The focus is shifting from just encryption to other forms of damage
Ransomware typically encrypt your data and prevent you from accessing it. But sometimes, backups and other decryption tools come to the aid of the victim. To up their game, ransomware creators would threaten dumping the data online or selling sensitive credentials to the highest bidder.
3) Emails will be the largest distributing mechanism
Emails are still the easiest way to trick users into clicking on some link and releasing the ransomware’s payload. They will continue to give the usual nightmares to network administrators who will keep sending precautionary emails about not clicking on links, all through 2018.
4) Ransomware as a service will continue to grow
A ransomware author today need not have expert programming skills to deploy the next ransomware on the unsuspecting public. Ransomware-as- a-service providers like Cerber helps non-technical folks launch their own ransomware campaign by paying the creators some ‘royalty’. The kind of money that has been claimed by previous attacks is going to attract more malicious minds, technical or otherwise.
5) Connected devices and industrial robots are likely targets
As IoT and the age of industrial robots take over multiple business domains, ransomware could peg them as likely targets. While the data being consumed by a small device may be unimportant, the attack could provide access to the underlying network and compromise more valuable assets.
Instead of losing sleep over the above worrying trends, here is what you can do to mitigate the risks to
you and your business.
1) Data backups, timely and tested
You must take frequent (and automated) backups and test them regularly to see if they are infection free.
2) Isolate critical computers from the network
It is vital to isolate critical data servers and key nodes from the network and harden them with special measures.
3) Patch software, use what is needed
WannaCry spread due to a Windows exploit that wasn’t patched in many installations even after Microsoft released the patch. You have to ensure that all software is updated and no unwanted software, macros, browser plugins are installed or enabled, unless genuinely needed.
4) Cyber hygiene
The Federal Bureau of Investigation says that global losses due to business email compromise (BEC) have reached $5.3 billion. It is always good to stop that quick finger from clicking on a coupon link or a funny video thumbnail. Basic restraints like these go a long way in diminishing the dangers of ransomware.
5) More sophisticated blacklisting
With ransomware authors upping their game, it is important for us to use better blacklisting programs that are intelligent, more updated and more connected with the corporate and academic world.
Ransomware will continue to make the occasional news and scare network administrators every now and then. With the right precaution, protection strategy and software, even the most vicious ransomware is highly preventable.
Author: Yogesh Prasad
Ethical Hacker, Information Security Consultant, Entrepreneur, Founder – Hackers Interview