Ransomware wreaked havoc among individuals and organizations over the past few years, making a name for itself across the globe. Although the chatter around the malicious software may have quieted down, the threat is very much alive, and working hard to hand out ultimatums to its victims – pay up to unlock your data or lose it indefinitely.
Cybercriminals are continuously improving their techniques and attack methods, a large contributor to the fact that we’re hearing less about ransomware than many other attacks that have recently risen in popularity. Aside from the growing threats in the news, such as targeted phishing attacks and Business Email Compromise (BEC) scams, the de-emphasis on ransomware in large part comes from cybercriminals finding new ways to infiltrate a user’s system in a more targeted, harder to measure approach.
How is ransomware distributed?
The most common way for ransomware to be distributed is via a phishing email containing malicious attachments. The malware may be directly inside the attachment or may include a link to a website hosting the malicious software. Another common method for dispersing malware is by using an exploit kit to search for vulnerabilities in outdated software and then exploiting those vulnerabilities.
Vulnerable servers are also an open door for cybercriminals to distribute ransomware. Once a hacker gains access to a server, they can do serious damage, some of which may involve using administrative rights (which can also be obtained relatively easy with the right tools) to turn off certain protections that may alert administrators of the threat.
Who is a target?
Everyone can be a target for ransomware. While cybercriminals do have industries they favor and target, such as the healthcare and financial industries, everyone is susceptible to a ransomware attack if the proper training and security measures aren’t in place. Whether an individual user, small business, or large enterprise, everyone is fair game to a cybercriminal looking to make money via ransomware.
With that said, cybercriminals may be doing more research these days to choose their victims. Many believe that hackers are targeting fewer victims through ransomware, however, the truth is that they are just choosing the right victims. What does that mean? Cybercriminals are choosing targets who they believe CAN afford to pay large ransoms and CANNOT afford to lose their data – resulting in fewer attacks but more success for the attacker.
How can you protect yourself and your organization?
- Provide security awareness training routinely to educate employees on current threats and best practices.
- Ensure proper controls are in place that only allow employees to access areas and information needed to perform their job function.
- Utilize two-factor authentication as an added security metric for gaining access to your system and your company’s sensitive data.
- Use a VPN to remotely connect securely to your network.
- Keep your systems up-to-date and patch when necessary to prevent system vulnerabilities from being exploited.
- Make sure your organization is using reputable antivirus software and firewall.
- Email filters should be put in place to help identify and block known threats on incoming communications.
- Confirm routine backups of your organization’s data are being performed.
- Implement policies and procedures that outline your organization’s rules and expectations, such as password requirements.
- Have a disaster recovery plan in place to ensure that your organization knows how to respond to a ransomware attack if one were to occur.
Have questions? We can help!
Next Century Technologies has been helping businesses with IT since 2001! Call us at 859-245-0582 or click here to reach out to us.
Want more cybersecurity tips to help keep your business safe & secure? Sign up for our email newsletter and have new articles & tips delivered straight to your inbox monthly.