Finding ways to fight ransomware | #eBizWires
Today, there’s a good chance you know of either an individual or a company who has fallen victim to ransomware. In fact, unless you have been living in the Amazon jungle with no connectivity, you will have heard of the simple, yet terrifying concept of ransomware.
“Essentially, ransomware is malicious software that is designed to hold up a computer system until a certain amount of money is paid. It’s a simple, yet terrifying prospect, and a scourge that is growing exponentially, with new types of ransomware rearing their heads on a regular basis,” says Lauren Wain, General Manager at Credence Security.
“In fact, given the surge in popularity of this scourge, if you haven’t been hit personally, you’re either extremely lucky, or you have the right tools and measure in place to prevent attacks of this nature,” she adds.
Wain says that dealing with a ransomware attack once it’s happened is like playing Russian roulette. “Unless you have backups, or the threat actors seriously messed up, you’ll end up either losing everything, or being forced to pay a ransom. Unfortunately, even paying the ransom is no guarantee that the files will be unlocked.”
Given how prolific ransomware is, businesses need to find better ways of combatting this scourge. “Ransomware is the ideal tool for the cyber criminal. It’s almost a form of passive income, as all they need to do is buy the necessary tools for a few dollars on the dark Web. Many sellers of this type of malware even offer customer service and support for their tools. The victims, who find themselves unable to access crucial files and systems, are desperate to get their access back, and often end up paying. Moreover, payment is usually in untraceable Bitcoin, making the transactions near impossible to trace.”
Over and above the individual, a successful ransomware attack on a sensitive industry such as healthcare, or finance, can have catastrophic events. “We have seen a shift in this type of attack, which is moving away from individuals to target businesses and larger entities. This isn’t surprising given that organisations have far deeper pockets than most individuals, and have more at stake should their businesses be inoperable for hours or even days.”
In terms of fighting this threat, Wain says there are several expected ways that companies can protect themselves. “These include having a really good anti-malware solution in place, as well as having up-to-date backups. In addition, never overlook staff education. Teach users about safe Internet behaviour, such as not clicking on suspicious links and similar. You’d be surprised how many individuals will still click on a link without giving it a thought, but it still happens frequently.”
Intrusion prevention systems (IPS) can also be effective in preventing ransomware. “These tools scrutinise network traffic, looking for any attempts to take advantage of holes or vulnerabilities. Bear in mind that vendors can only release a patch for a vulnerability once it’s been discovered, and this can take days to release and roll out, and then the organisation still needs to apply it to relevant systems. IPS can weed out any attempts to exploit these.”
Another useful tool, she says, is email security – particularly blocking attachments in emails. “As I said earlier, users are still inclined to click on links and attachments without thinking, and blocking all but the most crucial attachments can prevent this from happening.”
Ultimately, ransomware is a threat that is on the rise, and poses a massive danger to all businesses in all industries. “Companies need all the help they can get. There is no one solution, but a combination of tools, procedures and common sense can help prevent your business from becoming the next victim,” concludes Wain.
Behind the scenes
Established in 1999, Credence Security, previously ARM, the regions speciality distribution company, specializes in IT security, Forensics and Incident Response. Working closely with leading IT security vendors including AccessData, Fidelis CyberSecurity, eSentire and Digital Guardian, Credence Security delivers Cyber and IT Security technologies and solutions that protect
organisations against advanced persistent threats, malicious adversaries and internal malpractice.
- Smart Media provides Dis-Chem with unique in-store customer media experiences | #eBizWires | Mark Uria - June 22, 2018
- SA DESIGNERS UNITE IN UNPRECEDENTED DESIGNATHON | #eBizWires | Lesley Waterkeyn - June 21, 2018
- Compliance and POPIA | #eBizTechnology | Tash Finnigan - June 20, 2018
- Jewish Literary Festival has more than a way with words, it has a way with people - June 19, 2018
- CM TRADING- Simple and Successful | #eBizFinance | Daniel Kibel - June 18, 2018
- Bursary Applications Now Open | #eBizWires - June 14, 2018
- LoyaltyPlus’ refined AgriBonus helps SA’s agriculture flourish | #eBizWires - June 14, 2018
- Cloud file data requires back-ups| #eBizTechnology | Gerhard Conradie - June 14, 2018
- Using the cloud for tailored insurance solutions | #eBizInsights | Patrick Ashton - June 13, 2018
- Twitter Delinquent Disorder (TDD) | #eBizWires | Howard Feldman - June 12, 2018
- Smart Media provides Dis-Chem with unique in-store customer media experiences | #eBizWires | Mark Uria
- SA DESIGNERS UNITE IN UNPRECEDENTED DESIGNATHON | #eBizWires | Lesley Waterkeyn
- Compliance and POPIA | #eBizTechnology | Tash Finnigan
- Jewish Literary Festival has more than a way with words, it has a way with people
- CM TRADING- Simple and Successful | #eBizFinance | Daniel Kibel
- Bursary Applications Now Open | #eBizWires
Smart Media provides Dis-Chem with unique in-store customer media experiences | #eBizWires | Mark UriaBiz WiresFeaturedPodcast
- Biz WiresFeaturedPodcast
- FeaturedPodcastTechno Biz