Doubtless many organisations and users now know what Ransomware is, but as of the turn of the year, they can now check the dictionary if unsure. Ransomware has been added to the Oxford English Dictionary, emphasising in some ways the impact it has had on organisations since 2016.
During 2017 ransomware was a word that you would struggle to avoid – with headline-worthy attacks breaching networks across the globe, affecting the likes of Renault, Telefonica and on more than one occasion, the NHS. Notable ransomware attack WannaCry infected around 300,000 organisations in 150 countries in just a three-day period.
Ransomware speeding ahead of the competition
The last 12-18 months have seen an increase in both the volume and severity of Ransomware attacks, making them common place in the world of IT. According to data ascertained by malware specialists Malwarebytes, ransomware attacks to businesses increased by approximately 90% in 2017. 2017 was truly the year of ransomware with the monthly rate of ransomware attacks against businesses increasing up to 10 times compared to the rate of 2016.
However, the cyber security trends exhibited at the end of 2017 and beginning of 2018 have shown an evident shift away from ransomware. Many of the channels for distributing ransomware have turned back to their old favourites such as banking Trojans and spyware or moved onto the newer trend of delivering cryptocurrency miners. The reason for this supposed movement away from ransomware being attributed to a smaller return on investment. This is as a result of firms adopting more stringent cyber security best practices; adopting anti-ransomware technology, backup precautions, and a greater general knowledge of threats and protection methods has resulted in fewer cases where the ransom is paid. Therefore, today, it is more economical for criminals to utilize crypto-miners, ad fraud malware, and good old-fashioned credential stealing over ransomware.
Fail to plan, plan to fail.
Ransomware threats may be subdued for the time being, but cyber-criminals are still hard at work, looking for a bumper payday by exploiting vulnerable systems. With 2016 and 2017 seeing global attacks making headlines, it would be a surprise if there isn’t another in 2018, and with manufacturer Intel admitting microchip flaw ‘Spectre’, flaws are there to be exploited.
Investing in cyber-security measures can improve an organisations protection against cyber-threats and reduce the possibility and effectiveness of an attack. An aspect of cyber-security planning and data management best practice should include what actions the organisation must take if an attack does take place. Downtime caused by an attack is likely to have a negative effect on n organisation, either from an operational or reputational standpoint. One of the most effective ways to ensure that there is minimised downtime is through the implementation of a Business Continuity Plan.
A Business Continuity Plan, commonly referred to as BCP, is a high-level plan detailing what approach you take in an emergency. Including who is in the Emergency Response Team and includes the communications plan.
Disaster recovery and business continuity planning are aspects of data management and cyber-security that are most likely to be implemented in the event of a large-scale outage or full site loss. For the most part, a ransomware infection will infect several machines first then spreading to the rest of a network. Mitigating the risk of an infection spreading is a step that can save time and money if an attack does take place; this can include having separate networks for core business operations and daily workings or separate guest networks to stop infections coming from external devices.
Another area that is vital to protecting against cyber-threats is training and educating staff against the threats and how to spot an attack. Human error or intervention remains one of the largest threats to networks and is often the first step of an attack. Educating staff cuts this risk and makes systems safer.
To find out more about protecting against ransomware and best practice data management get in touch now and download the whitepaper.