Written By Alan Zeichick And Presented By Charles Leaver
Ransomware is real, and it is threatening individuals, organisations, schools, medical facilities and local governments, and there’s no indication that it is stopping. In fact, it’s probably increasing. Why? Let’s face it: ransomware is probably the single most reliable attack that hackers have ever developed. Anybody can produce ransomware using readily available tools; any money received is most likely in untraceable Bitcoin; and if something goes wrong with decrypting somebody’s disk drive, the hacker isn’t affected.
A business is hit by ransomware every forty seconds, according to some sources, and sixty percent of malware issues were ransomware. It strikes all sectors. No industry is safe. And with the rise of RaaS (Ransomware-as-a-Service) it’s going to get worse.
The good news: We can fight back. Here’s a four-step battle strategy.
Good Basic Hygiene
It starts with training workers to handle malicious emails. There are falsified messages from service partners. There’s phishing and targeted spearphishing. Some will get past email spam/malware filters; staff members need to be taught not to click on links in those messages and, of course, not to permit plugins or apps to be installed.
Nevertheless, some malware, like ransomware, will get through, frequently exploiting obsolete software or unpatched systems, just like in the Equifax breach. That’s where the next step comes in:
Ensuring that all endpoints are thoroughly patched and fully updated with the current, most secure operating systems, applications, utilities, device drivers, and code libraries. That way, if there is an attack, the endpoint is healthy and is best able to eradicate the infection.
Ransomware isn’t really a technology or security problem. It’s an organizational issue. And it’s about a lot more than the ransom that is demanded. That’s nothing compared with lost productivity due to downtime, bad public relations, disgruntled customers if service is interrupted, and the expense of rebuilding lost data. (Which presumes that valuable intellectual property or protected financial or customer health data isn’t stolen.)
What else can you do? Back up, back up, back up, and secure those backups. If you don’t have safe, guaranteed backups, you cannot restore data and core infrastructure in a timely fashion. That includes making daily snapshots of virtual machines, databases, applications, source code, and configuration files.
Companies need tools to detect, identify, and prevent malware like ransomware from spreading. This requires constant monitoring and reporting of what’s occurring in the environment, including “zero day” attacks that have not been seen before. Part of that is monitoring endpoints, from the mobile phone to the PC to the server to the cloud, to ensure that all endpoints are up to date and secure, and that no unexpected modifications have been made to their underlying configuration. That way, if a machine is infected by ransomware or other malware, the breach can be detected rapidly, and the machine isolated and shut down pending forensics and recovery. If an endpoint is breached, quick containment is vital.
The Four Strategies
Good user training. Updating systems with patches and fixes. Backing up everything as frequently as possible. And using monitoring tools to help both IT and security teams discover issues and react rapidly to them. When it comes to ransomware, those are the four battle-tested strategies we have to keep our companies safe.
You can learn more about this in a short 8-minute video, where I talk with several industry experts about this issue: