What is Ransomware?

By Dr. Christine Izuakor

There are many variants of ransomware out there today. Some of the biggest names often discussed, especially within the last few years include Crypto Locker, CryptoWall, WannaCry, Petya, NotPetya, TeslaCrypt, and countless others. In most cases, once a user accidentally enables these, they begin encrypting files and any storage areas connected to the initially infected device to spread as far as possible through the network.

How is ransomware impacting the cyber security industry?

There are a few trends to be aware of when it comes to ransomware in 2019. The attacks have grown in popularity, so much so that Ransomware-as-a-service or RaaS is a growing industry on the dark web. Cybercriminals are able to purchase or subscribe to ransomware attack technology that they can then use against their targeted victims. While research shows a decline in the volume of ransomware attacks occurring over the last year, the latest attacks tend to be more targeted and impactful. Cyber attackers are applying the principle of “quality over quantity” when selecting their targets and planning attacks. Additionally, the impact of these attacks tends to exceed the direct financial damage that potentially results from paying a ransom. The cost also includes lost productivity, time spent on investigation and response, and potential repetitional damage if the incident is made public.

What should you do if you are hit by a ransomware attack?

The first step in addressing the threat of ransomware is prevention. Before focusing on how to respond, take measures to limit your exposure to such attacks. A few ways that you can do this are through maintaining a healthy organizational security posture and following general security best practices, including regularly backing up data. Training and awareness of employees is also a proven way to prevent attacks when done consistently. The success of an attack usually requires action from a user to execute the malicious code. The more end users are aware of the risks of clicking on links or attachments that can launch ransomware in your environment, the higher chances you have of avoiding the successful introduction of the malware in your network. Next, focus on detection and response. There are tons of network monitoring tools and technology that can be used to detect suspicious events that can lead to attacks. Veriato offers a tool called RansomSafe™ and it acts as a vital layer in your ransomware defense, combining just-in-time data protection with multiple mechanisms to detect, and shut down attacks before they hold your business hostage.

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Dr. Christine Izuakor
Dr. Izuakor is the Senior Manager of Global Security Strategy and Awareness at United Airlines where she plays a critical part in embedding cyber security in United’s culture. She is an adjunct professor of cyber security at Robert Morris University, and independently helps corporations solve a diverse range of strategic cybersecurity challenges.

Insider Risk & Employee Monitoring Resources

Is Employee Monitoring Software Worth The Investment?

Is Employee Monitoring Software Worth The Investment?

Key Takeaways: Employee monitoring software offers detailed insights into employee activities, enhancing productivity and bolstering data security. Choose the right software based on features, cost, integration capabilities, and scalability to align with specific...

How To Choose The Right Employee Monitoring Software

How To Choose The Right Employee Monitoring Software

Remote work is becoming increasingly common, and data breaches are a constant threat. The importance of employee monitoring software has never been more pronounced. For businesses looking to safeguard their digital assets while optimizing workforce productivity,...

UEBA: Revolutionizing Security With Advanced Analytics

UEBA: Revolutionizing Security With Advanced Analytics

Key Takeaways: Behavior-Focused Security: UEBA revolutionizes cybersecurity by analyzing user behavior patterns, providing a dynamic approach to detecting anomalies and potential threats. Flexible and Adaptable: Scalable for any organization size, UEBA integrates with...