Ransomware has claimed some high-profile victims in the last 2 years, with 2016 being dubbed the year of ransomware and 2017 giving rise to headline grabbing attacks such as WannaCry, which badly affected the NHS in the UK. But with so many ways for an infection to take hold, how can you guarantee that you aren’t unwrapping a ransomware disaster this festive period?

 

Who’s on the naughty list?

Cyber-criminals may not work from a naughty or nice list, but they have shown the ability to target organisations and industries who are more likely to pay a ransom. While widespread ransomware attacks, like WannaCry, aim to target all organisations and users they can, there is a notable trend in the number of publicly funded organisations being targeted. Among other highly targeted industries are healthcare, education and financial industries, all of which hold large volumes of sensitive information.

Ransom payments vary in size and some strains of code are even smart enough to tier their ransom pricing based on the amount of data that’s been encrypted or the length of time the data is left encrypted (the price rising and rising until the data is eventually deleted by cyber-criminals). Bitcoin is a popular method of payment for many cyber-criminals and the use of cryptocurrencies in this fashion isn’t likely to slow down, given the obvious benefits of anonymity to a cyber-criminal.

High-profile organisations to have been hit with ransomware in 2017 include, Maersk, Deutsche Bahn, Renault and law firm, DLA Piper.

 

Santa’s support elves

Unfortunately, with so many threats out there, it’s almost inevitable that an organisation will have to face a cyber-attack at some stage, ransomware or otherwise. But like Santa’s little helpers, working with the right suppliers and vendors can give great levels of support and help ensure that organisations of all sizes can recover.

Recovering from a cyber-attack like ransomware should be built into disaster recovery and business continuity plans and staff should be made aware of their responsibilities in the event of an attack. Of course, if an attack is widespread and has infected an entire organisation, the effects could be devastating, causing downtime, halting operations and affecting customers.

When Maersk, was struck with a global outage after a ransomware attack, senior staff had to resort to using private WhatsApp messages to communicate and get the company back up and running. The cost of the attack has since been estimated to be up to $300 million.

 

Cyber-criminals looking forward to New Years

It has been predicted that levels of ransomware attacks will increase in 2018,  and with cyber-criminals having already shown their abilities to develop ransomware strains (WannaCry combined a worm with its code to help it spread), cyber-security methods will have to evolve to cope. Predicted trends in ransomware will see a continuation in development of ransomware strains, including those targeting mobile devices and both Mac and Windows operating systems. There is also expected to be a notable increase in the number of attacks being launched as Ransomware as a Service (RaaS) attacks.

 

Stocking fillers to help protect against Ransomware

Redstor have specialised in protecting data for almost 20 years and in that time, we’ve helped hundreds of organisations recover their data after a ransomware attack. We’ve learnt a thing or two about protecting against Ransomware in that time, so sit by the tree, grab your stocking and unwrap Redstor’s 3-step guide to keeping your data safe against Ransomware.

1. Anti-Virus – This may be one of the oldest methods of protection against cyber-threats but it’s still one of the most effective and like batteries on Christmas morning, shouldn’t be forgotten. Anti-virus definitions are constantly being updated to account for new strains of attack and to stop any vulnerabilities being exploited.
2. Updates – Christmas may be a great time to get the latest version of that toy you always wanted but doing regular updates of software, hardware and firmware should be an all year job to help protect against cyber-threats. Updates will provide bug fixes and patches to help ensure systems are secure.
3. Backup – Maybe the most important item in Redstor’s stocking filler to help you keep your data safe against Ransomware, is backup. While paying a ransom may get your data back, there is no guarantee and it may leave you open to the same attack again. Having a secure, off-site backup gives you a copy of the data to recover, ensuring that you can tuck into your Christmas dinner without worrying about your data.