Ransomware: Not If, But When
2019 ended as another big year for ransomware in Canada and around the world, with exponential growth from the year before. Ransomware is an extremely profitable style of cyber attack in which computer systems and data are taken over by hackers and held hostage until the victim hands over a payoff.
The hackers do not discriminate: the seemingly random attacks target individuals, small to large businesses, government agencies, healthcare, and on and on. Although Canadian data is not yet available, in the US the hackers attacked:
- 113 state and municipal governments and agencies.
- 764 healthcare providers.
- 89 universities, colleges and school districts, with operations at up to 1,233 individual schools potentially affected.
- 500,000+ enterprises
- Countless individuals
So what do we do?
The challenge is that the profit for hackers from security breaches, especially ransomware, is immense. This is a big enticement for new hackers and drives continued innovation in how to infiltrate your cyber security defences.
Prevention is the first line of defense; we need to make sure that we don’t make it too easy for the hackers.
- Educate end users not to open emails or attachments from unknown senders, not to download software from torrent sites, and to limit their browsing activities to approved websites and applications only
- Control administration rights to business critical data
- Keep operating systems regularly patched and updated
- Deploy next-generation firewalls and email security tools to block phishing attacks
- Install and enable top antivirus on all devices
- Enable multifactor authentication access whenever possible
Even with all the possible defenses in place, the weakest link is the individual user. Nuvollo suggests continued education, including “mock” attacks, to reinforce the fact that these hackers can be very sneaky. Even with all that in place, as the title suggests, it is just a matter of time before our environment is breached and some ransomware attacks infiltrate. The damage these ransomware viruses can cause to businesses goes beyond data loss, which in and of itself can be devastating. Companies can experience revenue and productivity loss as well as damage to reputation.
- 77% of organizations infected with ransomware were running up-to-date endpoint protection
- The average cost per ransomware attack to businesses was $133,000 in 2017
- 54% of organizations do not have specific anti-ransomware protection in place
We at Nuvollo will not tell you that you are 100% protected. If your IT department tells you this, it's time to get a second opinion. We will tell you that what matters more is how you recover when your security defenses are breached. This is where our experience comes in. We have had customers who have been hacked; Nuvollo’s industry best practices for recovery and S6 levels of security ensured that the customer was back and operational within 90 minutes.
Prevention is half the battle; recovering quickly and properly is the other half. We need to implement a multi-layered approach to security to address the challenges of modern ransomware and effectively protect the entire environment and endpoint devices. This approach needs to be comprehensive, including preventative measures, industry best practices and policies, industry-leading tools, and efficient and effective response and remediation.