Today, there’s a good chance you know of either an individual or a company who has fallen victim to ransomware. In fact, unless you have been living in the Amazon jungle with no connectivity, you will have heard of the simple, yet terrifying concept of ransomware.
“Essentially, ransomware is malicious software that is designed to hold up a computer system until a certain amount of money is paid. It’s a simple, yet terrifying prospect, and a scourge that is growing exponentially, with new types of ransomware rearing their heads on a regular basis,” says Lauren Wain, General Manager at Credence Security.
“In fact, given the surge in popularity of this scourge, if you haven’t been hit personally, you’re either extremely lucky, or you have the right tools and measure in place to prevent attacks of this nature,” she adds.
Wain says that dealing with a ransomware attack once it’s happened is like playing Russian roulette. “Unless you have backups, or the threat actors seriously messed up, you’ll end up either losing everything, or being forced to pay a ransom. Unfortunately, even paying the ransom is no guarantee that the files will be unlocked.”
Given how prolific ransomware is, businesses need to find better ways of combatting this scourge. “Ransomware is the ideal tool for the cyber criminal. It’s almost a form of passive income, as all they need to do is buy the necessary tools for a few dollars on the dark Web. Many sellers of this type of malware even offer customer service and support for their tools. The victims, who find themselves unable to access crucial files and systems, are desperate to get their access back, and often end up paying. Moreover, payment is usually in untraceable Bitcoin, making the transactions near impossible to trace.”
Over and above the individual, a successful ransomware attack on a sensitive industry such as healthcare, or finance, can have catastrophic events. “We have seen a shift in this type of attack, which is moving away from individuals to target businesses and larger entities. This isn’t surprising given that organisations have far deeper pockets than most individuals, and have more at stake should their businesses be inoperable for hours or even days.”
In terms of fighting this threat, Wain says there are several expected ways that companies can protect themselves. “These include having a really good anti-malware solution in place, as well as having up-to-date backups. In addition, never overlook staff education. Teach users about safe Internet behaviour, such as not clicking on suspicious links and similar. You’d be surprised how many individuals will still click on a link without giving it a thought, but it still happens frequently.”
Intrusion prevention systems (IPS) can also be effective in preventing ransomware. “These tools scrutinise network traffic, looking for any attempts to take advantage of holes or vulnerabilities. Bear in mind that vendors can only release a patch for a vulnerability once it’s been discovered, and this can take days to release and roll out, and then the organisation still needs to apply it to relevant systems. IPS can weed out any attempts to exploit these.”
Another useful tool, she says, is email security – particularly blocking attachments in emails. “As I said earlier, users are still inclined to click on links and attachments without thinking, and blocking all but the most crucial attachments can prevent this from happening.”
Ultimately, ransomware is a threat that is on the rise, and poses a massive danger to all businesses in all industries. “Companies need all the help they can get. There is no one solution, but a combination of tools, procedures and common sense can help prevent your business from becoming the next victim,” concludes Wain.
Behind the scenes
Established in 1999, Credence Security, previously ARM, the regions speciality distribution company, specializes in IT security, Forensics and Incident Response. Working closely with leading IT security vendors including AccessData, Fidelis CyberSecurity, eSentire and Digital Guardian, Credence Security delivers Cyber and IT Security technologies and solutions that protect
organisations against advanced persistent threats, malicious adversaries and internal malpractice.
- The Truth About Xenophobia in South Africa |#Insights |#Devan Moonsamy - September 16, 2019
- FLEXIBLE WORKSPACE IS THE NEW FRANCHISE FRONTIER | #eBizInsights - September 16, 2019
- How the office will change by 2025 in Africa? |#eBizInsights - September 13, 2019
- Its more than gender based violence – it’s a complete collapse of our moral fibre and care for our fellow man|#PayItForward |#Ingrid von Stein - September 13, 2019
- Your own free Trade Mark search |#Insights |#IP Braai - September 13, 2019
- The MediaShop dominates MOST Awards! - September 11, 2019
- Are you Emotional Intelligent in your work place? |#Insight Trends |# Losego Motshele - September 11, 2019
- Reaching the base of the pyramid consumer has to be highly relevant|#Marketing Insights |#Lorraine Gwewera - September 11, 2019
- As entrepreneurs and business managers we are expected to speak in front of people – here are a few tips |#Insight |#Howard Feldman - September 10, 2019
- Making the transition to Dynamics 365 - September 10, 2019