Ransomware: On The Rise!
Findings from Watchguard Threat Lab show that the volume of ransomware attacks in 2022 has already doubled 2021's total - despite only having data for a quarter of the year.
The study highlighted how the Emotet botnet came back in a big way, whilst the infamous Log4Shell vulnerability tripled its attack efforts and malicious crypto mining activity increased. So, is it time to be concerned?
What is Ransomware?
Ransomware is a form of malware that encrypts an unfortunate victim's files, effectively rendering them useless. But, how do they regain access to their precious information, data or files?
There's only one option available: pay a ransom.
Victims of a Ransomware attack are given payment instructions by the attacker that they must follow to gain their decryption key. Such ransoms can be anywhere from a few hundred pounds/dollars to thousands - all payable in bitcoin.
How do Ransomware attacks happen?
As with almost all cyber attacks, the criminal needs some form of bait to lure a victim into doing what they want. Due to this, phishing remains one of the most common delivery systems for Ransomware attacks to occur.
A malicious outsider may masquerade as someone you know and email a corrupt file, or they may appear to be a trustworthy source and trick you into a download. Once you've installed their attachment, built-in social engineering tools can give them admin access to your machine, and away they go. Once your files are encrypted, there's only one way to get them back - pay up.
For a more in-depth look at how Ransomware attacks happen, read this piece from Infosec Institute.
Am I A Target For Ransomware?
Cyber crime has continued to tick upward - a trend which grew more as we shifted to an online world during the pandemic. As such, the simple answer to the question is simple: yes, you are a target.
Granted, your personal computer may not be number one on a cyber criminal's hit list, but from a business perspective, nobody is safe. Institutes such as schools, universities or big offices are prime targets for cyber criminals as there are high volumes of file sharing and often, less than desirable cyber defences. Equally, enterprise-type organisations, governments or those with access to sensitive data (such as law firms and hospitals) may find themselves at high risk as they're viewed as the sort to pay a ransom quickly.
One thing is for sure in 2022 and beyond - you can't let your guard down even for a second.
Do I Pay The Ransom?
If the worst has happened and you've been hit with a Ransomware attack, it can feel - and in some cases, be - catastrophic. Vital data, files and even business processes may be entirely inaccessible to you, so should you simply pay the ransom and get back to normal?
At Fifosys, we align with the view of most law enforcement agencies and urge you not to pay - even if this sounds like the easiest solution.
There are no two ways about it - Ransomware attacks are carried out by criminals. As such, you're taking their word at face value that they haven't left a back door into your system, ready to return and 'attack' again a few months later. Or, worse yet - they may not even give you your files back once you've paid.
Furthermore, you may not even be dealing with Ransomware - for all intents and purposes, it may look and sound like it, but it could actually be 'Scareware'.
Not only that, but you're potentially encouraging hackers to create more Ransomware - or share with others that you're a target that pays. Because there's no guarantee on any of the above, we advise anyone to not pay - no matter how much hard work it entails.
After all, it's not like you're dealing with the sort of people who have a Trustpilot page you can head to and complain, is it?
How Do I Prevent Ransomware Attacks?
By this point, you're probably more than ready for some upbeat news - and we have some. Ransomware attacks are avoidable, provided you have strong defence practices and systems. By following these steps, you can mitigate any damage and increase your security practices at the same time. Win-win, right?
Back up your files often. If you have business-critical files, set your infrastructure up to carry our regular backups. It may not prevent a Ransomware attack, but it can significantly soften the blow.
Patch, patch, patch! Keeping your operating system - and applications - up to date ensures you have fewer vulnerabilities for an outsider to exploit.
Don't install any files, attachments or software unless you know exactly what it is - and who it's come from.
Don't grant admin privileges to anyone - or anything - without validating who is asking and why.
Deploy anti-virus software - at a minimum. It can detect malicious attachments or programs as they arrive - and block anything from operating without your permission.
The Final Word
The internet can be a scary place these days - especially for businesses. One errant click, a mistaken download or a tired mistake can be an outright disaster for organisations, which can spark anxiety, worry and fear for anyone.
But, it doesn't have to be the case.
Working with an external third-party - such as Fifosys - means you can gain state-of-the-art defences overnight. With dedicated account managers, monthly meetings and defences enterprise-level organisations would be envious of, Fifosys can be on hand to offer peace of mind from any threats the internet has to offer.