7. February 2023
Ransomware – Did we learn from the past?
Ransomware continues to evolve as cybercriminals resort to newer cunning tactics. But ransomware attacks often result in far more devastating damages than a locked screen. Many managers dread coming to work only to find themselves denied computer access.
In July 2022, Creos Luxembourg S.A., a major energy pipeline operator in central Europe, suffered from a BlackCat ransomware attack. The perpetrator threatened to disclose 180,000 stolen files containing confidential information in this incident. Meanwhile, France’s Center Hospitalier Sud Francilien fell victim to another ransomware attack the following month, disrupting scheduled surgeries and appointments.
Ransomware attacks are on the rise, but why?
Since the pandemic, ransomware attacks have been increasing drastically. More than 623 million ransomware incidents were reported globally in 2021, which is twice the figure in the previous year. In Europe, ransomware attacks stole approximately ten terabytes of data each month, according to an ENISA report.
Pandemic-driven changes have catalyzed digital transformation amongst major industries and widened the attack surfaces. To navigate restrictive measures, companies shifted business operations to the cloud and encouraged a hybrid working culture. This provided a conducive environment for cyber criminals to carry out extortion schemes.
Employees can easily fall victim to bad actors without security awareness and adequate protection. Statistics showed that social engineering is the top cause of ransomware attacks. For example, employees who downloaded a malicious attachment from an email purportedly sent by a superior’s account might propagate ransomware across the organization’s network.
What can organizations do to mitigate ransomware attacks?
With the alarming rate of ransomware attacks, organizations have plenty of room to strengthen their security posture. Preventive measures that worked in the past are no longer adequate in today’s security landscape. For example, hardened servers with firewalls will not stop attackers from infiltrating employees’ computers and stealing corporate data.
Given the complexities of countering cyber attacks, the European Commission has drafted the Cyber Resilience Acts. The bill defines the framework for all internet-connected devices and software to conform to specific cybersecurity requirements. It serves to protect customers’ interests and ensure business continuity.
Meanwhile, organizations should proactively strengthen their posture against ransomware attacks with the following measures.
Improve Security Awareness
Ransomware prevention is a shared responsibility amongst all employees. Therefore, it is important to conduct security awareness training to ensure that all employees know their responsibilities and are held accountable for their online behavior. Ensure they understand that every individual interaction on a personal or work computer can impact the company’s data security and integrity.
Prepare a Robust Recovery Plan
Companies must assume ransomware attacks will eventually hit them. To minimize disruptions, IT teams should implement continuous backups and provision offline storage solutions for critical data. As ironic as it might sound, isolating critical digital assets from the internet is the best way to ensure operational continuity in today’s digitized environment.
Implement Active Prevention
Cybercriminals are constantly probing for vulnerabilities to deploy ransomware, particularly on endpoint devices. For example, the infamous WannaCry ransomware exploited a known vulnerability in the Microsoft Windows operating system and affected large numbers of computers globally, including the NHS. Therefore, deploying active prevention measures to shore up vulnerabilities and install security updates on all work endpoints is vital.
Ransomware attacks and the subsequent fallouts will continue to be painful lessons for all industries unless they take proactive mitigative measures. SecTeer helps companies to address growing ransomware threats by automating their security patch management process.