Ransomware attacks have more than doubled this year, as criminals turn to powerful new forms of file-locking malware that are more lucrative than ever before. In fact, the McAfee Labs Threats Report for August 2019 noted a 118% rise in ransomware attacks in the first quarter of this year alone. The reason is simple, ransomware has proven to be very lucrative, with some organizations paying upwards of 6 figures to “get their data back.”
A recent ZDNet article points to three different variants of ransomware that are the most common at the moment: Dharma, Ryuk, and GandCrab. These three types of ransomware are very successful as their developers are constantly updating it, making it even more difficult to decrypt. In the case of Dharma, it spreads through an organization via open Remote Desktop Ports: it can gain access to networks without even having to get a victim to click a link or download a malicious file from a phishing email.
According to security experts and law enforcement, continually paying the ransom perpetuates further attacks. Is there a better way for SMBs and governments to secure their systems? Is it more cost effective than paying out a 6 figure ransom settlement? The short answer is yes.
Given the high cost of recovering from a ransomware attack, there are cybersecurity services that can fortify a company’s defenses at a relative bargain. A strong defensive posture is the cost of doing business, and it’s more affordable than cybersecurity failure. Businesses would be wise to check out a web portal developed by cybersecurity firms and law enforcement to help combat ransomware called No More Ransom. In some cases, they are able to help companies access their data again without paying the ransom.
There are several things organizations can do to avoid falling victim to ransomware attacks in the first place. One simple step is to ensure RDP ports can't be accessed by default credentials thereby giving attackers easy access to the network. In addition, many forms of ransomware rely on known security vulnerabilities to function, so ongoing patching of systems can prevent malware from getting a foothold into your network. Phishing awareness training is also something that can be helpful, as in many cases, ransomware can get into your systems via credentials stolen during a phishing campaign. Also, keeping regularly updated offline backups of your data is critical, so if the worst does happen, your systems can be restored without giving into the demands of cyber criminals. All of these things together are a bargain when considered what a ransomware attack could cost you.