With your first coffee of the day in hand, you switch on your computer at work. You’ve got a big day ahead of you: a thousand issues to close, the delivery of that project you’ve been working on for two months, and all this while your boss is putting the screws on you to make sure you don’t slow down.
First of all, it’s time to check your mail, in case someone has woken up at the last minute and needs something urgent. “Delete”, “Postpone”, “I’ll read it later…”, “I’ll read it later…”. “Let’s see, this one says that I have to download the file to find out what it needs… Right click, download… What the hell…?”
You’ve just opened a file with malicious software, and within minutes the ransomware (data hijacking) has spread across the entire company network, locking all important files and data. You feel a kind of fever coming on and you don’t know where to turn. You’re praying that the IT dept. can fix the problem without any after-effects.
Unfortunately, although the company has a NAS server to share files between workstations, it has no backup copies of the data, so it has no choice but to pay the ransom demanded by the hackers, although this does not guarantee that the data will be recovered (either in whole or in part).
But it doesn’t end there. The impact of the data loss was so great that the company had to shut down for a few days to try to fix the mess, resulting in such a loss of reputation that some of the larger clients decided to stop working with you.
And this just for a couple of clicks?
Was there a way to avoid this drama? There was a way to avoid this drama.
It was as easy as having a backup of the company’s data. That way, even if the ransomware had infected the systems, the data could have been recovered from the backup, and that would have been the end of the problem.
Yes, ransomware attacks are becoming more frequent and sophisticated.
And yes, cybercriminals are shifting their focus to quick profits.
No, we are not telling you anything new: ransomware is an old acquaintance.
And it is also true that the rise in popularity of cryptocurrencies has made these attacks even more lucrative.
In short, ransomware is the most common form of malware and accounts for 37% of all malware attacks 😱 (source: Symantec, 2017).
But it’s not all negative.
Protecting against ransomware attacks is possible; it just requires a multidisciplinary approach that includes:
– Network security
– Endpoint security
– Data backup
(we could include a fourth point on end-user training on cybersecurity and information security, but we’ll leave that for another article 😏).
So how do we do it? Here we explain 👇🏻
NETWORKS:
You receive a spam email.
It contains a malicious attachment/link.
You are curious because the subject line catches your attention: You have won an iPhone 13 (you, who never win anything).
(What do I do? Do I open it, don’t I open it, do I click or don’t I click?)
You decide to open it / click and….
And there are many other ransomware techniques like this one, such as social engineering, which involves tricking users into downloading and executing the malware.
How can networks be protected against such threats?
- Firewalls and intrusion detection and prevention systems (IDS/IPS) can help block malicious traffic.
- It is also important to implement additional security measures, such as email filtering and blocking suspicious IP addresses.
ENDPOINTS:
I don’t know what’s wrong, but when I opened the file / clicked on the link, the computer stopped responding…
Once malware enters the network, it can search for and encrypt files on users’ computers.
How to protect users’ computers against malware?
- Endpoint security solutions: antivirus and malware detection and removal tools.
- Ensure that computers are up to date with the latest software and security updates.
DATA BACKUP:
- Well no, we don’t have a backup of your computer….
- What the…?!?
- Sorry, unless you can recover a file from a USB stick you happen to have lying around… You’ve lost everything.
Network and endpoint security solutions can help block and remove ransomware, but criminals may still be able to encrypt files before the malware is detected.
Backing up data is vital to minimise the impact of an attack. Backups should be stored on an external device that is not connected to the network. It is also important that backups are performed regularly and tested to verify that data can be restored.
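One way to automate the "performed regularly and tested" advice above, as an added example that is not from the original article: record a SHA-256 manifest when the backup is taken, then compare a test restore against it and flag backups older than a chosen limit. The function names, the 7-day limit and the sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile
import time

def build_manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                manifest[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return manifest

def verify_restore(manifest, restored_root, backup_time, max_age_days=7, now=None):
    """Check a test restore against the backup-time manifest; max_age_days is an assumed policy."""
    restored = build_manifest(restored_root)
    missing = sorted(p for p in manifest if p not in restored)
    altered = sorted(p for p in manifest if p in restored and restored[p] != manifest[p])
    stale = ((now or time.time()) - backup_time) / 86400 > max_age_days
    return {"missing": missing, "altered": altered, "stale": stale,
            "ok": not (missing or altered or stale)}

def demo():
    """Constructed sample data: a small share, a good restore, a damaged one."""
    with tempfile.TemporaryDirectory() as tmp:
        share, restore = os.path.join(tmp, "share"), os.path.join(tmp, "restore")
        os.makedirs(os.path.join(share, "projects"))
        with open(os.path.join(share, "projects", "plan.txt"), "w") as fh:
            fh.write("delivery plan")
        with open(os.path.join(share, "clients.csv"), "w") as fh:
            fh.write("id,name\n1,Example Ltd\n")
        manifest, taken = build_manifest(share), time.time()  # recorded at backup time
        shutil.copytree(share, restore)  # stands in for a real test restore
        good = verify_restore(manifest, restore, taken)
        stale = verify_restore(manifest, restore, taken, now=taken + 30 * 86400)
        # Damage the restore: one file missing, one with different content.
        os.remove(os.path.join(restore, "clients.csv"))
        with open(os.path.join(restore, "projects", "plan.txt"), "w") as fh:
            fh.write("unreadable")
        bad = verify_restore(manifest, restore, taken)
        return good, stale, bad

if __name__ == "__main__":
    for report in demo():
        print(report)
```

Keep the manifest with the offline backup rather than on the network share, so that malware which encrypts the share cannot also rewrite the reference hashes.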
Ransomware attacks are a growing threat to businesses and individual users. It is up to you whether you want to continue to risk paying the consequences of an attack, or take action before it is too late.