In a recent CRN article, Alvaka’s CISO and COO, Kevin McDonald, shares some alarming ransomware trends, providing insight into the world of ransomware and how it has developed. He also shares what companies need to be doing in order to protect themselves.
Ransomware Trends
Companies are being put out of business.
• Ransomware attacks are becoming more sophisticated threat actors are demanding higher ransoms. For smaller companies, or those who don’t have the right resources or prevention methods in place, these attacks can be so debilitating that they never recover and are forced to shut down.
Most ransomware attacks are preventable.
• From all of the cases that Alvaka has seen, about 95% of them could have been prevented with some basic security practices. Some of these steps include using antivirus/malware combination, patching all systems, using CIS controls, managing external access, and more. See our blog on how to Reduce the Risk of Ransomware & Other Cyber Attacks.
White House/Department of Justice has recently issued warnings regarding ransomware.
• The DOJ is raising investigations for attacks and comparing these attacks to terrorism. With these warnings, there is an expectation that businesses and organizations will have more awareness and urgency with it comes to their cybersecurity practices.
Most ransomware attacks are not reported.
• There are many reasons that business might not report a ransomware attack, including the impact it could have on their reputation and bottom line.
Ransomware can potentially kill.
• Some cases can involve critical services, such as a hospital, where patients are needing life-saving care but are unable to get it due to systems being down.
Cryptocurrency is a huge challenge.
• You can’t really kill cryptocurrency.
Attacks on MSPs can provide more bang for a threat actor’s buck.
• If an MSP is hit by a ransomware attack, there is a possibility that their clients can be hit as well.
Ransomware-as-a-Service
• The ransomware business model has become so sophisticated, there are help desks available to assist in the decrypting process.
Technology was deployed too quickly for remote services.
• Due to the pandemic, technology for remote services had to be quickly deployed without the proper security measures in place, creating a window for threat actors.
Backup is Vital!!!
• Invest in a backup and disaster recovery plan, and include insider protection measures.