Written By Alan Zeichick And Presented By Chuck Leaver
Ransomware is real, and is striking people, services, schools, hospitals, governments – and there’s no sign that ransomware is stopping. In fact, it’s probably increasing. Why? Let’s face it: Ransomware is most likely the single most efficient attack that hackers have ever created. Anyone can create ransomware using readily available tools; any money obtained is likely in untraceable Bitcoin; and if something goes wrong with decrypting somebody’s hard drive, the cyber criminal isn’t affected.
A business is hit with ransomware every forty seconds, according to some sources, and 60% of malware problems were ransomware. It hits all sectors. No industry is safe. And with the rise of RaaS (Ransomware-as-a-Service) it’s going to get worse.
Fortunately, we can fight back. Here’s a four-step battle plan.
Good Fundamental Hygiene
It begins with training workers how to handle malicious e-mails. There are falsified messages from service partners. There’s phishing and targeted spearphishing. Some will get through email spam/malware filters; staff members have to be taught not to click links in those messages and, naturally, not to allow apps or plug-ins to be installed.
Nevertheless, some malware, like ransomware, is going to get through, frequently by exploiting obsolete software applications or unpatched systems, as in the Equifax breach. That’s where the next step comes in:
Making sure that all endpoints are thoroughly patched and fully updated with the latest, most secure operating systems, applications, utilities, device drivers, and code libraries. In this way, if there is an attack, the endpoint is healthy, and is best able to eradicate the infection.
Ransomware isn’t really a technology or security issue. It’s an organizational problem. And it’s so much more than the ransom that is demanded. That’s peanuts compared with loss of performance due to downtime, bad public relations, disgruntled customers if service is interrupted, and the expense of rebuilding lost data. (Which presumes that important copyrighted material or protected financial or consumer health data isn’t stolen.)
What else can you do? Backup, backup, backup, and safeguard those backups. If you don’t have safe, protected backups, you can’t restore data and core infrastructure in a timely fashion. That includes making daily snapshots of virtual machines, databases, applications, source code, and configuration files.
Companies need tools to detect, identify, and prevent malware like ransomware from spreading. This needs constant monitoring and reporting of exactly what’s occurring in the environment – including “zero day” attacks that have not been seen before. Part of that is monitoring endpoints, from the mobile phone to the desktop to the server to the cloud, to ensure that all endpoints are up-to-date and protected, and that no unforeseen changes have been made to their underlying configuration. That way, if a device is infected by ransomware or other malware, the breach can be detected quickly, and the device isolated and shut down pending forensics and recovery. If an endpoint is breached, fast containment is vital.
The 4 Tactics.
Good user training. Updating systems with patches and fixes. Backing up everything as frequently as possible. And using monitoring tools to help both IT and security teams discover problems, and react quickly to those issues. When it comes to ransomware, those are the four battle-tested tactics we need to keep our companies safe.
You can find out more about this in a brief 8-minute video, where I talk with several industry experts about this concern: