Ransomware has become synonymous with the onslaught of recent cyberattacks. Its mere mention brings businesses and governments to their knees. From the Colonial Pipeline and CWT global breaches, to the aftermath of the WannaCry attack and Not Petya outbreak, ransomware is dominating the headlines and taking no prisoners.
With its ever-present focus in the news cycle, one may think the risk of ransomware is new and just now starting to impart serious damage. This assumption is wrong. Ransomware has been inflicting financial and data loss for over 30 years. What has changed is the frequency of attacks, players affected, and new technologies that have made ransomware the malware de jour of the cyber battlefield.
Defining the Terms
Ransomware attacks immobilize data, allowing cybercriminals to block access to critical files until a fee has been paid. Driven through social engineering, phishing attacks, and embedded malware hidden in attachments, malicious actors use these avenues for extortion and look to maximize the damage.
If this wasn’t enough to make the hairs stand up on your arm, often when the ransom is paid, the private data will be kept by hackers be released at a later date. With 46% of CSOs/CISOs in the U.K. considering ransomware the biggest cybersecurity threat to their business in the next two years, the threat has been recognized, and the next step is mitigating it.
What has amplified the threat?
Trying to get to the root cause of the rise of ransomware can be a bit like going down a rabbit hole. From poor cyber awareness and reliance on out-of-date security products, a business consistently leaves itself vulnerable to attack. Compound these factors with the rise and the massive hype of cryptocurrencies and you begin to see how many layers have influenced the prominence of ransomware attacks.
Cryptocurrency
Most ransomware attackers demand payment in bitcoins, which is one of the implementations of blockchain. The WSJ puts it more bluntly: “Ransomware can’t succeed without cryptocurrency. The pseudonymity that cryptocurrency provides has made it the exclusive method of payment for hackers.” Cryptocurrencies have become the oil that lets the wheels of ransomware slide down the tracks. While it’s surely not the sole rationale for the spike, its broad accessibility and high level of security have facilitated ransomware on more than a few occasions.
While it may be too late to stop the surge of cryptocurrencies dominating the headlines organizations can take some practical steps to limit their impact. From implementing a dynamic endpoint detection and response policy to investing in Business Continuity and Disaster recovery planning, proactive solutions will always prevail over quick wins and giving in to extortion.
In a time where many businesses are stockpiling cryptocurrency to prepare for the inevitable, taking proactive measures to decrease your attack surface will pay higher dividends and reduce the potential for data breaches.
Paying Ransoms
Giving in to extortion emboldening cybercriminals and often does not provide assurances for the security of your data. With ransomware payments rising by 100% in 2020 the ability to prevent ransom payments has grown from cyber insurance vendors and the federal government alike. It’s easy to say that vendors and victims should pay the cost, the potential to return to business as usual, ballooned by potential insurance payouts have complicated the role of paying ransoms in the cybersecurity equation.
How can we convince victims and corporations to stand up to the threats and refuse to pay the ransom? Ensuring businesses can weather the storm of ransomware attacks must involve a mix of creating backups to prevent the loss of data, updating cyber insurance policies to prevent excessive loss of assets, and creating clear lines of communication to customers concerning the breach. While no one wants to admit their shortcomings, building the foundations of trust and establishing a process to mitigate the losses helps severely dampen the perceived need to give in to the ransom request.
Human Error
Over 90% of cyberattacks are initiated through human error. While implementing best-in-class security layers may provide critical value, these processes will always be limited by those implementing them. To catch the low-hanging fruit in cybersecurity prevention, employee education and the introduction of broad cybersecurity policies can mitigate this risk and bring employees into the security driver seat.
With so much at risk due to simple mistakes, improving employee cyber awareness should be a central tenet of any ransomware defense. In practice, this is slowly gaining traction.
According to a recent Proofpoint survey “73% agree that they need to improve their employee cybersecurity awareness training and, despite the numerous challenges facing CISOs, 49% have made it their number one priority in 2021.”
How can you decrease human error?
- Integrate cyber awareness training at regular intervals
- Improve lines of communication between IT and other departments
- Focus on explaining cyber risks in non-technical terns
- Adjust your cyber curriculum based on the needs and skill set of your team.
By focusing on demystifying cyber risks, removing unneeded scare tactics, and bring down techniques in a language that is approachable to your team many avoidable cyber mistakes can be resolved. By investing in your team, you create a more cyber-aware organization with the skill set and confidence to mitigate cyber-attacks.
The Best Defense is a Good Offense
The only way to guard against ransomware is by going on the offensive. Long gone are the days where firewalls and strong passwords were enough to mitigate the risk. Now, businesses must implement active and forward-thinking methods to mitigating risk or face devastating consequences. In practice, this means taking a critical reapproach to how c-suites and IT professionals have traditionally understood cyber risk management and what needs to be changed moving forward to prevent massive data breaches.
The looming shadow of ransomware is nothing new, but its potential costs are growing exponentially. By taking a deeper look at the rise of cryptocurrencies, the real costs of paying ransoms, and the value of employee education, organizations can significantly reduce the risks associated with ransomware attacks.
This article originally appeared in Forbes