The Six Best Practices to Prevent Ransomware Infection
Ransomware needs no introduction and is perhaps the most damaging and widespread form of cybercrime in years. Several high-profile businesses fell hostage to ransomware in the first half of 2021, with U.S. agencies now prioritizing ransomware incidents as serious acts of terrorism. In 2020, attack incidents grew by 800 percent, and 73 percent of those attacks were successful. This year, researchers are reporting a two-fold rise in ransomware-led cybercrime.
Attack techniques and common root causes
While the FBI is reportedly tracking as many as 100 variants of ransomware, most ransomware vectors follow a common thread. Here are the top attack vectors:
- Targeted attacks: Attackers deliberately target businesses with a motive to inflict damage, cause reputational harm, exfiltrate sensitive information, extract a ransom payment, or all of the above. For example, a new malware that deliberately destroys data on infected devices, AKA wiper ransomware, is used to carry out espionage and destroy information.
- Supply chain attacks: Modern enterprises have strong defenses and mature processes in place, but intermediaries and third-parties sometimes do not. The growth in supply chain attacks proves attackers are fully aware that supply chains can be leveraged to get a foot in the door of the target organization. The European Union Agency for Cybersecurity predicted supply chain attacks would quadruple in 2021 compared to 2020.
- Unintentional attacks:There’s always a possibility for victims getting infected by clicking on a mass phishing email, visiting an infected web page, downloading a malware-laced file or application, or through collateral damage resulting from a ransomware attack on a partner organization. In the case of a double extortion, when a mental therapy center was attacked by ransomware, the extortionists leveraged the stolen data and heartlessly blackmailed patients.
Ransomware is a symptom of an infection, and infections are the results of common root causes that include:
- Spam/phishing emails:This is by far one of the most prevalent social-engineered threat vectors and root causes of ransomware.
- Poor user practices: Victims lack security awareness, are careless in their online behavior, and do not practice the art of healthy skepticism. This habit eventually leads to a malware infection.
- Weak passwords: Poor password management is also a common root cause of ransomware attacks. Password reuse is a common phenomenon, and credentials are often stolen by hackers and sold on the dark web. The ransomware attack that took down the Colonial Pipeline earlier this year was the result of a compromised password.
Read the full article here
SUPPORTING CONTENTDiscover more
Understanding the ransomware menace
The average cost to recover from a ransomware attack is $1.85 million. No sector is immune. Ransomware attacks hit police forces, healthcare provider...
Continuous Supply Chain Assurance: Monitoring supplier security
Suppliers help to keep operations moving for all organisations, but this also brings information risk that you must keep a watchful eye on.
Related NewsView All News Articles
Security Think Tank: Reframing CISO-boardroom relations
Read Emma Bickerstaffe's latest article for Computer Weekly as she offers CISO's food-for-thought following the pandemic.
Is cyber insurance a worthwhile investment?
Here are five questions to help determine if your company needs cyber coverage. The cyber insurance market is rapidly maturing and there are many rea...