Finding ways to fight ransomware | #eBizWires
Today, there’s a good chance you know of either an individual or a company who has fallen victim to ransomware. In fact, unless you have been living in the Amazon jungle with no connectivity, you will have heard of the simple, yet terrifying concept of ransomware.
“Essentially, ransomware is malicious software that is designed to hold up a computer system until a certain amount of money is paid. It’s a simple, yet terrifying prospect, and a scourge that is growing exponentially, with new types of ransomware rearing their heads on a regular basis,” says Lauren Wain, General Manager at Credence Security.
“In fact, given the surge in popularity of this scourge, if you haven’t been hit personally, you’re either extremely lucky, or you have the right tools and measure in place to prevent attacks of this nature,” she adds.
Wain says that dealing with a ransomware attack once it’s happened is like playing Russian roulette. “Unless you have backups, or the threat actors seriously messed up, you’ll end up either losing everything, or being forced to pay a ransom. Unfortunately, even paying the ransom is no guarantee that the files will be unlocked.”
Given how prolific ransomware is, businesses need to find better ways of combatting this scourge. “Ransomware is the ideal tool for the cyber criminal. It’s almost a form of passive income, as all they need to do is buy the necessary tools for a few dollars on the dark Web. Many sellers of this type of malware even offer customer service and support for their tools. The victims, who find themselves unable to access crucial files and systems, are desperate to get their access back, and often end up paying. Moreover, payment is usually in untraceable Bitcoin, making the transactions near impossible to trace.”
Over and above the individual, a successful ransomware attack on a sensitive industry such as healthcare, or finance, can have catastrophic events. “We have seen a shift in this type of attack, which is moving away from individuals to target businesses and larger entities. This isn’t surprising given that organisations have far deeper pockets than most individuals, and have more at stake should their businesses be inoperable for hours or even days.”
In terms of fighting this threat, Wain says there are several expected ways that companies can protect themselves. “These include having a really good anti-malware solution in place, as well as having up-to-date backups. In addition, never overlook staff education. Teach users about safe Internet behaviour, such as not clicking on suspicious links and similar. You’d be surprised how many individuals will still click on a link without giving it a thought, but it still happens frequently.”
Intrusion prevention systems (IPS) can also be effective in preventing ransomware. “These tools scrutinise network traffic, looking for any attempts to take advantage of holes or vulnerabilities. Bear in mind that vendors can only release a patch for a vulnerability once it’s been discovered, and this can take days to release and roll out, and then the organisation still needs to apply it to relevant systems. IPS can weed out any attempts to exploit these.”
Another useful tool, she says, is email security – particularly blocking attachments in emails. “As I said earlier, users are still inclined to click on links and attachments without thinking, and blocking all but the most crucial attachments can prevent this from happening.”
Ultimately, ransomware is a threat that is on the rise, and poses a massive danger to all businesses in all industries. “Companies need all the help they can get. There is no one solution, but a combination of tools, procedures and common sense can help prevent your business from becoming the next victim,” concludes Wain.
Behind the scenes
Established in 1999, Credence Security, previously ARM, the regions speciality distribution company, specializes in IT security, Forensics and Incident Response. Working closely with leading IT security vendors including AccessData, Fidelis CyberSecurity, eSentire and Digital Guardian, Credence Security delivers Cyber and IT Security technologies and solutions that protect
organisations against advanced persistent threats, malicious adversaries and internal malpractice.
- An insight into the Logistics world | #eBizInsights | David Slotow - September 18, 2018
- Medically-induced employee incapacity | #eBizWires | - September 18, 2018
- Calling all school entrepreneurs – R100 000 is up for grabs! | #eBizEnrepreneur | Leon Lategan - September 14, 2018
- Recognising, rewarding and retaining ‘high value customers | #eBizInsights - September 6, 2018
- To email or not to email? | #eBizWires | Paul McIntyre - September 6, 2018
- Power of Positivity Podcast | #eBizInsights | Howard Feldman - August 29, 2018
- Reuters partners with CG Consulting to grow in Africa | #eBizmarketing - August 27, 2018
- Deadline aside, companies can really benefit from Employment Tax Incentive - August 27, 2018
- Decision Inc. invests into education with Mother of Peace | #eBizWires - August 27, 2018
- Gamification – businesses aren’t playing around with tech | #eBizWires - August 27, 2018
- An insight into the Logistics world | #eBizInsights | David Slotow
- Medically-induced employee incapacity | #eBizWires |
- Calling all school entrepreneurs – R100 000 is up for grabs! | #eBizEnrepreneur | Leon Lategan
- Recognising, rewarding and retaining ‘high value customers | #eBizInsights
- To email or not to email? | #eBizWires | Paul McIntyre
- Power of Positivity Podcast | #eBizInsights | Howard Feldman