Data for the digital economy of the 21st century is what oil was for the industrial economy of the late 18th century – a valuable asset that enables the growth and smooth functioning of everything from government agencies to private businesses. Like any other valuable commodity, data is subject to various attacks by malicious actors.
According to IDC’s 2021 Ransomware study, approximately 37% of global organizations said they were the victim of some form of a ransomware attack in 2021, which accounts for a third of organizations worldwide. Ransomware attacks rose by 92.7% in 2021 compared to 2020 levels, with 1,389 reported attacks in 2020 and 2,690 in 2021, and their fiscal impact is measured in hundreds of millions of dollars – in the first six months of 2021, there was $590 million in ransomware-related activity, according to the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN). For all of 2020, FinCEN only reported $416 million.
Do you still think you are safe?
According to cybersecurity firm Sophos, the top industries targeted by ransomware attacks vary from education, retail and professional services to central government agencies, manufacturing, energy and utility infrastructure to IT, healthcare and local government institutions. Regardless of your line of business, ransomware attacks are on the rise and their sophistication is constantly evolving to breach the security systems set in place.
What is Ransomware?
Ransomware is one of the most pressing cyber threats for businesses and government institutions – it’s an ever-evolving piece of malicious software (malware) designed to encrypt files on a device and render them unusable unless it gets decrypted. That’s how cyber-criminals “kidnap” your data and threaten to sell or leak it if the ransom is not paid. Ransomware attacks vary in scale and impact – they can be targeted at a private business to extract money or utilized as a digital weapon by nation-states. Whichever the case, the financial and reputational damages can be severe.
How Ransomware Works?
There are several ways ransomware can access your device and take hold of your data. Here are some of the most common tactics that malicious actors employ:
- Phishing: phishing attack is when cybercriminals impersonate trusted contacts or organizations and send you an email with a seemingly legitimate file attachment or a link. The files/links are executable, and once you download or click on them, the ransomware attack is triggered.
- Exploit kits: another popular tactic is the development of exploit kits designed to take advantage of vulnerabilities in applications, networks, or devices. This type of ransomware can infect any network-connected device running outdated software.
- Malvertising: Ads are different yet common ways for attackers to distribute malware. The malicious software gets embedded in a fake online ad, and while a lot of people think that only dodgy websites have these, the unfortunate reality is that even a trustworthy website can be compromised.
- Supply chain attacks: A rising trend from 2020 to 2021 is supply chain ransom attacks where instead of attacking a single victim, cyber-criminals extend the attack across supply chains. An example is the 2021 Kaseya attack, which affected at least 1,500 of its managed service provider customers.
Once the ransomware gains access to your device, the data hostage-taking is triggered, and your information – personal or business – is compromised. Depending on the strain, a ransomware attack works by encrypting files or locking up your entire device. The ransomware then displays a ransom note with demands for a decryption key.
While your device is infected with ransomware, any attempts to open your encrypted files will most likely be met with an error message informing you that your files are corrupt, invalid, or cannot be located.
How to Prevent Ransomware?
Any device connected to the Internet can become compromised in a ransomware attack, so the best way to prevent such an attack is by practicing smart internet habits and using robust prevention tools.
Here are a few best practices you can start today to prevent a ransomware attack:
- Keep your software updated: Ensuring your OS and applications get the latest updates once released. Cybercriminals exploit the security vulnerabilities of outdated software to deploy their ransomware attacks.
- Back up your system regularly: The sudden loss of access to critical data makes ransomware attacks so dangerous for your business. Regular backup of your files elsewhere is crucial – you can use both cloud services and physical storage, and if your device offers automated backups, make sure you’ve enabled that option.
- Use an adblocker: Ensure your browser has an ad blocker installed to shield yourself from malvertising and drive-by downloads.
- Healthy skepticism: Be wary of strange links sent in emails or on other messaging platforms. Even if the link comes from someone you know, they could have been hacked.
- Use antivirus software. Ransomware can hurt you only if it can reach you. Employ a robust cybersecurity app that blocks malware and viruses before they can get anywhere near you.
What to Do in Case of a Ransomware Attack?
If you end up with a ransomware attack on your hands, do not pay the ransom. For starters, there is no guarantee that you will get your data back, and by paying, you will only further encourage malicious actors in their attacks. Let security experts handle the situation. If you don’t have a full-time expert on staff, you can always reach out to external consultants such as CRI Advantage that will help you prevent such attacks and help you resolve them if they ever occur.
If you want to safeguard your business from ransomware attacks and other online security threats, but don’t have the budget for a full-time expert, reach out to CRI Advantage Cybersecurity Services.