5 min
It’s National Cyber Security Awareness Month right now, making it the perfect time to talk about Ransomware Prevention.
We have all heard about multiple cyber attacks over the last year. At the same time, cybercrime is a vast topic that’s ever-changing, making it one that’s intimidating to approach.
This blog post will cover some of the key takeaways from this excellent webinar on Ransomware Prevention.
Growing concern about Cyber Threats is a good thing
A few years ago, most of us probably didn’t think much about cyber crime or ransomware on a daily basis. Fast forward to today and I’m sure we all think about cyber security a lot more than we previously did.
However, the growing concern about cyber threats and crime is actually a very good thing.
More people are now discussing the topic than ever and they are looking at how they can prepare if a cyber attack were to occur. This growing concern is a positive development because it raises awareness and prompts individuals, organizations, and governments to take proactive measures to enhance cybersecurity.
This heightened awareness fosters a sense of urgency to invest in better protection, develop robust defense strategies, and collaborate on cybersecurity initiatives.
Ultimately, this collective effort can lead to improved resilience against cyber threats, safeguarding sensitive data, critical infrastructure, and digital ecosystems.
Some even argue that we’ll all experience cybercrime at some point.
“There are two types of people: Those who know they’ve been hacked and those who don’t know it yet!”
Reza Mehman
The general public is also starting to become more aware of the business risks that go along with cybercrime too.
An increase in general knowledge about cybercrime presents an easier route for service providers to have conversations with their customers about how they can add additional protection.
What is Ransomware and how does it work?
The Ransomware model is simple. It involves cybercrime gangs of the world stealing data to get money. It works like this:
- Data is stolen by cyber criminals
- The data that is stolen is encrypted
- The encrypted data is held hostage
- Attackers demand payment for the data back
Nowadays there is also an extortion piece to ransomware too. Since many MSPs or companies may have the data backed up so it can be restored, attackers also threaten to sell the stolen data on the dark web as a Plan B.
“Hackers are also very good at getting backup data too”, warns Joshua Peskay, vCIO at RoundTable Technology.
Many times, before a company is aware they are being attacked, cybercriminals have spent days lurking behind the scenes and collecting data so they may already have access to a company’s back-ups too.
This period of lurking around is known as the “Dwell Time”. Dwell Time is when cyber criminals are infiltrating the systems without being detected. During this time they’re stealing data, getting access to back-ups, assessing data, and deciding how much the data is worth to price a Ransom efficiently.
Lurking and listening behind the scenes allows attackers to come up with realistic pricing that an organization could potentially pay to get the data back.
Cyber attacks in 2023 develop quicker – the average dwell time of attackers is ten to eight days which implies that many cyber criminals spend a long time on a network before being detected. 10 days is a huge amount of time to gather information. This amount of time allows cybercriminals to be really smart and informed about the ransoms they demand from victims.
Ransomware has become a full-blown criminal enterprise
This is no longer a mickey mouse operation.
Gone are the days when a Ransomware attack had to be initiated by a lone computer genius and a piece of malware.
Nowadays, anyone can become a cyber criminal if they want to because there are many resources widely available on the dark web.
There are even Ransomware as a Service kits available for purchase on the dark web which provide full training on how to run a Ransomware attack from start to finish.
“We’ve moved from a Trojan to a full-blown criminal enterprise…it’s the modern day Ocean’s 11.”
Shanna Utgard, Senior Cyber Security Advocate at Defendify
To sum up, cybercriminals are criminal networks with a lot of resources at their disposal. In a lot of ways, they may even run like a normal company. These organizations may even have access to advanced resources like a support team, malware programmers, financial experts for moving cryptocurrencies, training systems, and more.
What’s fuelling the Ransomware fire
There are a few things that are throwing gas on the fire and helping cyber criminals work even more efficiently.
Cryptocurrency
Digital currency makes it easier for attackers to translate their stolen data assets into currency. This is because cryptocurrencies make it harder to recover extortion money. This is because of the anonymous nature of some cryptocurrencies. Digital currency provides a perfect way for attackers to get payouts from their victims and for stolen data. Read more on the crypto ransom attacks rise.
Dark web marketplaces
These act as easily accessible places for selling data stolen during an attack and accessing other resources too. Read on the top five dark web marketplaces.
Public shaming
Many organizations that have undergone a ransomware attack don’t want people to know. This provokes them to pay the Ransom fines and be done with it. This is to minimize the exposure, public shaming and reputation damage they will incur if news about the attack gets out to the public.
Critical infrastructure attacks
Attackers are more frequently targeting critical infrastructure pieces like hospitals and public services that the world depends on. This makes not paying the ransom even life threatening in some cases. The urgency of these services acts as an additional bargaining chip for cyber criminals.
How can your business work on Ransomware Prevention
So ransomware is a huge topic, increasingly important, and super scary. But how can you get started with it?
Here are some actionable tips on preventing ransomware.
Secure yourself first
Make sure your house is safe first. Find out the gaps in your own systems and determine how they can be fixed. Reassess your organization’s own cyber security health on a frequent and recurring basis.
Practice your ransomware response
Practice real-life scenarios of a cyber attack with your team. Walk through your response. Even if you’re a one-person shop, you can still practice real-life scenarios. Write down your answers and have a process in place.
- What are you doing in the event of an attack?
- How are you responding?
- What is your next action?
- How could you have been better prepared to prevent this from happening?
Ensure that cyber security and ransomware prevention features are a part of your service offering
Require an essential level of cyber security features in all your contracts. Ensure that you are offering your customers standard and add-on levels of protection.
Educate your customers
Have conversations with your customers. Keep your customers updated on cyber risks. Make sure they are following the best security practices too.
Tools like Defendify can help you manage the whole cyber security process. You can also look at additional essential tools like Domotz network monitoring software for added awareness and oversight about what’s happening on your network.
Further reading: