By Sanjay Katkar
With evolving technologies pushing the world to adopt more and more digital options, threat actors have grown more innovative in targeting companies and individuals, using ransomware as one of their key attack methods. The ongoing pandemic has further escalated this problem by serving as another avenue for attackers to innovate their ransomware techniques.
Double extortion: The new and more effective variant of the old ransomware model
Earlier, attackers focused only on encrypting data and demanding a ransom in return; now they have gone beyond this strategy. They threaten to disclose the victim's data publicly and push the victim to pay more. Under this kind of threat, even victims who have a backup of the original data may end up paying huge ransoms because they fear their sensitive business data will be leaked on the internet. This technique is called double extortion.
As companies continue to work from home without a robust cybersecurity infrastructure, their chances of getting hacked and compromised are only going to increase further. Sectors like telecom, healthcare, pharma, hospitals and even critical government sectors are all regarded as targets by threat actors, mainly because of their capacity to pay. This innovation in the old ransomware technique raised the typical ransom demand to 150K USD in 2020, though for some of the higher-profile targets it goes even beyond that.
Cost beyond ransom: Additional costs associated with ransomware attacks
What most companies are not yet aware of is the added cost involved in tackling a ransomware attack. To be precise, it is not merely the ransom that the victim is supposed to pay to get their sensitive data restored. There are other associated costs as well: the business has to spend on cleaning the infected systems, making the total cost much higher than the demanded ransom.
These may include overheads related to IT services, software and other recovery-related expenses such as lost revenue, employee overtime, downtime and reputational damage, among others. To avoid such situations, companies end up investing in tech upgrades and various employee awareness training programs, which is certainly the need of the hour.
Common reasons why ransomware attacks are growing:
The rise in usage of cryptocurrency
With the cryptocurrency revolution, cybercriminals have a new way to extort money without it being traced back to them. Before that, the money trail was the easiest way to track criminals. But cryptocurrency makes tracking very difficult, and one cannot figure out who is receiving the money and from whom. And unless we see some arrests and attackers getting punished, this trend is expected to grow.
International nature of the crime
The evolution of the crime from regional to international helps attackers target victims across geographical borders, making it difficult and time-consuming for law enforcement agencies to investigate and track them. Weak cross-border cooperation among nations further adds to the woes, and cybercriminals take advantage of it.
Weak IT infrastructure
As WFH continues to be the only safe way to keep businesses running, the role of a robust IT infrastructure becomes all the more crucial in guarding enterprises against attackers. Weak passwords, remote access kept open for long hours, and other such factors will only make companies more prone to attacks.
Best ways to protect yourself from attacks:
Implement zero-trust security architecture
Increasing cyberattacks indicate how adversaries have innovated their attack methodologies, and this is where a zero-trust security model comes in. It authenticates and authorizes all users while continuously validating security configuration and posture before anyone is given access to sensitive business data. Real-time authentication thus helps detect and block suspicious activities and eliminates implicit trust. In short, this model trusts no one, even if the user is part of the network. Organisations must invest in this architecture as it can result in wins in various forms such as increased productivity, enhanced visibility, facilitated compliance, and improved utilization of IT resources, among others.
Endpoint Detection and Response (EDR)
Ransomware authors often rely on lateral movement, where an attacker breaches the perimeter, then moves laterally and infects other machines, resulting in a much bigger attack. Endpoint Detection and Response, or EDR, is a modern solution that focuses on enhanced visibility into connected endpoints, thereby securing the network from malicious attacks. It works to detect, contain, investigate and eliminate malicious activities like ransomware and helps organisations respond to threats more effectively. This increased visibility allows companies to prevent lateral movement of such attacks on their network.
Practice good cyber hygiene
In today's world, more connected than ever, companies must host cybersecurity programs at the workplace (now online) to help employees understand how attacks happen, what the likely loopholes are and how these can be prevented. For instance, one must know who has access to their device and where. This will allow you to monitor and identify inappropriate use and guard you from data hijack. Similarly, companies must adopt two-factor authentication across all tech solutions to stop attackers from stealing credentials, mostly through activities like phishing.
Never miss updates; invest in robust anti-malware / anti-ransomware and encryption solutions
It's usual to see an update notification every now and then while using smartphones and laptops. Although most people unknowingly ignore or postpone this action, it could turn out to be a huge mistake. Using the latest programs and apps ensures that users are not running an older version of the software that could have glitches and flaws, which could prove lucrative for hackers and damaging to you.
Similarly, always invest in reliable anti-malware / anti-ransomware solutions to protect your device against security breaches. Efficient security software can automatically identify and remove malicious spread by performing continual scans without affecting the speed and performance of the system, and keep the device safe and healthy all the time. Additionally, an efficient data encryption solution protects critical data, and once the encryption keys are secured, the data becomes useless to any cybercriminal.
Final word
New technologies and evolving mindsets of criminals have truly changed the face of security. Organisations must, therefore, pay attention to recruiting highly tech-savvy IT professionals, building a robust security infrastructure, and hosting cybersecurity awareness programs. Those who do not take this seriously now will become the main victims, while those who follow the aforementioned practices will be in a safer position to minimise the impact of such attacks, and could even stand a chance of preventing them entirely.
(The author is Joint Managing Director and Chief Technology Officer, Quick Heal. Views expressed are personal.)