Ransomware is trending in the wrong direction. Attacks have reached a record high, and so has the percentage of paying victims. In 2017, 39% of victim organizations paid attackers in an effort to recover data. That number climbed to 45% in 2018, and reached a disturbing 58% in 2019. This is bad news for organizations in all industries. With ransoms being paid, attackers have no incentive to stop. During the third quarter of 2020, the average payment rose 31% to $233,817, leaving cybercriminals increasingly well-funded and exerting pressure on victims by combining data encryption with data theft and the threat of exposure. The recent “big game hunting” efforts of various ransomware gangs are a harbinger of things to come. Cybercriminals are teaming up to exchange tactics and intelligence, targeting organizations they believe are likely to pay a significant amount of money. Making matters worse, they’re using the disruption caused by COVID-19 to help them steal data before delivering the final ransomware payload.
Tips to Protect Your Business from Ransomware Attacks
Updates — Apply vendor security patches promptly. WannaCry spread through an SMBv1 flaw that Microsoft had already fixed (MS17-010) two months before the outbreak; the victims were the machines that had not installed it. Keep all critical software current, including mobile devices, as soon as new operating system and application versions are released, and prioritize anything reachable from the internet.
Back up your data. Backups are perhaps the first and most important control to get right. After an incident, a current backup can be the difference between recovering and going out of business. Back up important data regularly and keep at least one copy offline or otherwise unreachable from the network, because ransomware routinely encrypts or deletes any backup it can reach. Test the restoration process frequently, so that the first full restore is not attempted in the middle of an incident.
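The restore test the tip calls for, as an added example that is not from the original article: back up a directory to a tar archive, record a SHA-256 manifest at backup time, then restore into a scratch directory and check every file against the manifest. The `demo()` function builds a small constructed data set and also shows the failure case, a manifest entry that no longer matches (the situation when a file was changed or encrypted after the manifest was taken). Paths and file names are assumptions for the example.

```python
"""Added example (not from the original article): back up a directory to a
tar.gz archive, record a SHA-256 manifest at backup time, then perform a test
restore into a scratch directory and verify every file against the manifest."""
import hashlib
import tarfile
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hex SHA-256 of a file, read in 64 KiB chunks so large files are fine."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every file below root (relative path) to its digest."""
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def create_backup(source: Path, archive: Path) -> dict:
    """Write source into a gzip-compressed tar and return the manifest taken
    at backup time; keep the manifest together with the offline copy."""
    manifest = build_manifest(source)
    with tarfile.open(str(archive), "w:gz") as tar:
        tar.add(str(source), arcname=".")
    return manifest


def safe_extract(tar: tarfile.TarFile, destination: Path) -> None:
    """Extract only members that stay inside destination: a crafted archive
    with '../' or absolute names must not write outside the restore directory."""
    root = destination.resolve()
    for member in tar.getmembers():
        target = (root / member.name).resolve()
        if target != root and root not in target.parents:
            raise ValueError(f"archive member escapes restore directory: {member.name}")
    tar.extractall(str(destination))


def verify_restore(archive: Path, manifest: dict) -> list:
    """Restore into a fresh temporary directory and diff against the manifest.
    Returns a list of problems; an empty list means the restore is verified."""
    problems = []
    with tempfile.TemporaryDirectory() as tmp:
        restore_root = Path(tmp)
        with tarfile.open(str(archive), "r:gz") as tar:
            safe_extract(tar, restore_root)
        restored = build_manifest(restore_root)
        for rel, digest in manifest.items():
            if rel not in restored:
                problems.append(f"missing after restore: {rel}")
            elif restored[rel] != digest:
                problems.append(f"content mismatch after restore: {rel}")
        problems.extend(f"unexpected file in restore: {rel}"
                        for rel in restored if rel not in manifest)
    return problems


def demo() -> dict:
    """Constructed data set (assumed names): back it up, verify a clean
    restore, then verify that a manifest with one altered digest, simulating
    a file changed or encrypted after the manifest was taken, is reported."""
    with tempfile.TemporaryDirectory() as tmp:
        source = Path(tmp) / "data"
        (source / "sub").mkdir(parents=True)
        (source / "notes.txt").write_text("quarterly figures\n")
        (source / "sub" / "blob.bin").write_bytes(bytes(range(256)))
        archive = Path(tmp) / "backup.tar.gz"
        manifest = create_backup(source, archive)
        clean = verify_restore(archive, manifest)
        tampered = dict(manifest)
        tampered["notes.txt"] = "0" * 64
        damaged = verify_restore(archive, tampered)
    return {"clean_problems": clean, "damaged_problems": damaged}


if __name__ == "__main__":
    print(demo())
```

In production the manifest would be signed or stored with the offline copy, and the restore test would be scheduled rather than run by hand; the point is that a backup is only known to be good once a restore from it has been checked file by file.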
Adopt multi-factor authentication. Multi-factor authentication requires users to prove their identity with two or more independent factors (for example a password plus a one-time code from an authenticator app or a hardware security key) before they are granted access to a system. If an employee's password is leaked or guessed, the attacker still cannot simply log in. Enforce it on every remote-access path (VPN, RDP, webmail, cloud consoles) and on administrator accounts first, and prefer phishing-resistant methods such as FIDO2 security keys for those accounts: SMS codes and push prompts can be phished or approved by a tired user.
Enhanced passwords — Require long, unique passwords to protect against intrusions. Treat eight characters as the absolute floor, not the target: length does more for resistance to guessing than forced mixing of letters, numbers and symbols, so favor passphrases of twelve characters or more. Screen new passwords against lists of known-breached passwords, forbid reuse across systems, and give staff a password manager so unique passwords are practical.
Scan and monitor emails and file activity. Email is the default delivery channel for the phishing that precedes most ransomware incidents. Scan and monitor email on an ongoing basis, and consider deploying an automated email security solution that blocks or quarantines malicious messages before they reach users: executable and macro-enabled attachments, archives that hide them, and senders impersonating your own domain. Also monitor file activity on servers and shares; a single account renaming or rewriting thousands of files in minutes is the signature of encryption in progress and should raise an alert.
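A first-pass triage of inbound messages of the kind such a solution performs, as an added example that is not from the original article or any product: it parses each message and flags executable, macro-enabled and archive attachments, document-looking names with a hidden executable extension, look-alike sender domains, display names that impersonate your own domain, and a Reply-To that diverts replies elsewhere. The domain `example.com`, the addresses and the three sample messages are constructed for the example.

```python
"""Added example (not from the original article): triage inbound mail for
traits that ransomware phishing commonly carries. 'example.com' stands in
for the organisation's own domain; all addresses and messages are
constructed for the example."""
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

OUR_DOMAIN = "example.com"  # assumption: the organisation's mail domain
EXEC_EXTENSIONS = {"exe", "scr", "js", "vbs", "wsf", "ps1", "hta", "bat", "cmd", "lnk", "iso", "img"}
MACRO_EXTENSIONS = {"docm", "xlsm", "pptm", "dotm"}
ARCHIVE_EXTENSIONS = {"zip", "rar", "7z"}
DOCUMENT_EXTENSIONS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png"}
# Common character substitutions used in look-alike domains.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("1", "l"), ("0", "o"), ("3", "e"), ("5", "s")]


def normalise_domain(domain: str) -> str:
    """Collapse look-alike substitutions so examp1e.com compares equal to example.com."""
    d = domain.lower()
    for lookalike, real in CONFUSABLES:
        d = d.replace(lookalike, real)
    return d


def attachment_findings(filename: str) -> list:
    """Return (tag, detail) findings for one attachment name."""
    parts = filename.lower().split(".")
    if len(parts) < 2:
        return []
    ext = parts[-1]
    findings = []
    if ext in EXEC_EXTENSIONS:
        findings.append(("executable-attachment", filename))
    if ext in MACRO_EXTENSIONS:
        findings.append(("macro-attachment", filename))
    if ext in ARCHIVE_EXTENSIONS:
        findings.append(("archive-attachment", filename))
    # invoice.pdf.exe: a document-looking name whose real extension is executable
    if len(parts) >= 3 and parts[-2] in DOCUMENT_EXTENSIONS and ext in EXEC_EXTENSIONS:
        findings.append(("double-extension", filename))
    return findings


def sender_findings(msg: EmailMessage) -> list:
    """Return (tag, detail) findings derived from the From and Reply-To headers."""
    findings = []
    display, addr = parseaddr(str(msg.get("From", "")))
    from_domain = addr.rpartition("@")[2].lower()
    if from_domain != OUR_DOMAIN and normalise_domain(from_domain) == normalise_domain(OUR_DOMAIN):
        findings.append(("lookalike-domain", from_domain))
    # The display name claims one of our addresses (or any address) while the real sender is elsewhere.
    if from_domain != OUR_DOMAIN and (OUR_DOMAIN in display.lower() or "@" in display):
        findings.append(("display-name-spoof", display))
    reply_to = parseaddr(str(msg.get("Reply-To", "")))[1]
    if reply_to and reply_to.rpartition("@")[2].lower() != from_domain:
        findings.append(("reply-to-mismatch", reply_to))
    return findings


def triage(raw: bytes) -> list:
    """Parse a raw RFC 5322 message and collect every finding."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = sender_findings(msg)
    for part in msg.iter_attachments():
        findings.extend(attachment_findings(part.get_filename() or ""))
    return findings


def build_sample(from_header: str, attachment: str, reply_to: str = "") -> bytes:
    """Constructed message with a tiny octet-stream attachment (not real malware)."""
    m = EmailMessage()
    m["From"] = from_header
    m["To"] = f"finance@{OUR_DOMAIN}"
    m["Subject"] = "Invoice attached"
    if reply_to:
        m["Reply-To"] = reply_to
    m.set_content("Please see the attached invoice.")
    m.add_attachment(b"\x00constructed", maintype="application",
                     subtype="octet-stream", filename=attachment)
    return m.as_bytes()


SAMPLES = {  # constructed for the example
    "legitimate": build_sample(f"Alice <alice@{OUR_DOMAIN}>", "report.xlsx"),
    "spoofed": build_sample(f'"accounts@{OUR_DOMAIN}" <accounts@examp1e.com>',
                            "Invoice_8843.pdf.exe", "pay@freemail.invalid"),
    "macro": build_sample("Supplier <orders@supplier.invalid>", "Order.docm"),
}


def triage_all() -> dict:
    """Map each sample name to the sorted set of finding tags it triggers."""
    return {name: sorted({tag for tag, _ in triage(raw)}) for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, tags in triage_all().items():
        print(f"{name}: {tags or 'clean'}")
```

Rules like these are a starting point, not a product: real gateways also detonate attachments, inspect archive contents, and check SPF, DKIM and DMARC results, none of which this snippet does.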
Awareness — Educate everyone in the organization on identifying scams, malicious links and attachments, and emails that may carry malware, and make sure they know what to do, and whom to tell, if they come across something suspicious. Reporting a click quickly is far more valuable than hiding it.
Check your cyber insurance. If you don’t already have it, purchase cyber extortion coverage that entitles you to incident response assistance and reimburses you for the ransom if it’s paid. Keep in mind that insurers require cyber-hygiene assessments and they can — and will — refuse to cover incidents that could have been avoided.
Don’t pay the ransom. If your organization does become the victim of a ransomware attack, don’t pay. It is tempting to make the problem go away as quickly as possible, but even after payment there is no guarantee the attacker will deliver a working decryptor, delete the data they stole, or stay away afterwards. Payment also funds the next attack, and in some jurisdictions paying a sanctioned group can create legal exposure. Involve law enforcement and your incident response provider before making any decision.