There are many variants of ransomware out there today. Some of the biggest names often discussed, especially within the last few years include Crypto Locker, CryptoWall, WannaCry, Petya, NotPetya, TeslaCrypt, and countless others. In most cases, once a user accidentally enables these, they begin encrypting files and any storage areas connected to the initially infected device to spread as far as possible through the network.
How is ransomware impacting the cyber security industry?
There are a few trends to be aware of when it comes to ransomware in 2019. The attacks have grown in popularity, so much so that Ransomware-as-a-service or RaaS is a growing industry on the dark web. Cybercriminals are able to purchase or subscribe to ransomware attack technology that they can then use against their targeted victims. While research shows a decline in the volume of ransomware attacks occurring over the last year, the latest attacks tend to be more targeted and impactful. Cyber attackers are applying the principle of “quality over quantity” when selecting their targets and planning attacks. Additionally, the impact of these attacks tends to exceed the direct financial damage that potentially results from paying a ransom. The cost also includes lost productivity, time spent on investigation and response, and potential repetitional damage if the incident is made public.
What should you do if you are hit by a ransomware attack?
The first step in addressing the threat of ransomware is prevention. Before focusing on how to respond, take measures to limit your exposure to such attacks. A few ways that you can do this are through maintaining a healthy organizational security posture and following general security best practices, including regularly backing up data. Training and awareness of employees is also a proven way to prevent attacks when done consistently. The success of an attack usually requires action from a user to execute the malicious code. The more end users are aware of the risks of clicking on links or attachments that can launch ransomware in your environment, the higher chances you have of avoiding the successful introduction of the malware in your network. Next, focus on detection and response. There are tons of network monitoring tools and technology that can be used to detect suspicious events that can lead to attacks. Veriato offers a tool called RansomSafe™ and it acts as a vital layer in your ransomware defense, combining just-in-time data protection with multiple mechanisms to detect, and shut down attacks before they hold your business hostage.
Insider Risk – How Prepared Are You?
Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.