The Rise of Ransomware is Far From Over, How to Fight Back
By: Shaun Murphy, CEO of sndr.com
It seems like ransomware attacks are becoming more and more common. This is not surprising because, in the grand scheme of things, this type of attack is one of the easiest, simplest and most lucrative for cyber criminals to execute. Potential victims are vulnerable because everyone is trained to move fast, read fast and absorb information rapid-fire online. This causes us to miss the little clues and nuances that can indicate a fake email or bogus software download. Cyber criminals have not necessarily changed the targets of their attacks so much as increased the scope as more hackers realize the returns of ransomware attacks.
Ransomware has also taken a very dangerous turn recently. It is now a really slick and customizable software service that allows any individual or group to rapidly target and deploy a successful attack on whatever target they choose. This is great news for groups that excel at social engineering (such as advance fee fraud), but lack the software development proficiency to pull off devastating attacks. What this means is that the usual targets for social engineering - high value organizations, high profile targets - are the most at risk since they are the most likely to pay up to recover their data. But in reality, anyone and everyone can be a victim.
The first thing to understand is that bad things will happen to every device you use - physical or in the cloud. Someone might accidentally click on a bad link, a hard drive might fail, a bad actor might get into your network, employees might find some cool new service and upload all of your company's data accidentally, and that's just scratching the surface. Once you realize you are going to be a victim of a cyber attack, you can start taking steps to minimize risk and plug up security holes.
Companies should run drills and test employees to see if they are tricked by fake emails, then educate those individuals and the entire workforce to help prevent mistakes in the future. Consumers need to remain vigilant and trust their instincts. If you get an email that is too good to be true, or receive one from a company or service you use but don’t normally receive emails from, go with your instinct and don’t open it, click on a link or download anything. If the email is legitimate you’ll be able to get the information you need directly from the company’s site or by making a phone call.
Another priority is backups. Have something for each of your devices. Get an external drive or NAS (network attached storage). Turn on Time Machine for any of your Mac PCs, and for newer versions of Windows, look at using File History. That's the easiest way to get started right now. Look at a more comprehensive solution for online and offline backups over time. Also, avoid using cloud backup solutions as they expose you to another harsh reality of computing - lack of security.
Regarding security, look at your user account right now. Are you running as an Administrator on Windows? If your Mac pops up a dialog for you to enter your password to open an app, do you do it? You can change both of these behaviors right now and mitigate the possibility of your computer being completely taken over. The general rule of thumb: the files you can access are subject to attack from any program you accidentally run, so limit what your normal account can do and sandbox any new programs you acquire.
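The rule of thumb above can be applied to the backup advice before it. The following is an added example, not part of the original article: it lists which files in a backup folder an everyday account could overwrite or delete. It assumes a POSIX system (Mac, Linux or a NAS share mounted with Unix permissions) and checks mode bits only, not ACLs or parent folders above the backup root. The function names and the sample folder layout are constructed for illustration.

```python
import os
import stat
import tempfile

def allowed(st, uid, gids, want):
    """True if (uid, gids) holds every rwx bit in `want` on the object `st` describes."""
    if uid == 0:
        return True                      # root ignores mode bits
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return ((st.st_mode >> shift) & want) == want

def exposed_backups(root, uid, gids=frozenset()):
    """Map each backup file under root to the reason a program running as uid could destroy it."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        dst = os.stat(dirpath)
        dir_ok = allowed(dst, uid, gids, 0o3)        # write + search on the directory
        for name in files:
            fst = os.lstat(os.path.join(dirpath, name))
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            # Sticky directories only let the file's or directory's owner unlink.
            sticky = bool(dst.st_mode & stat.S_ISVTX) and uid not in (fst.st_uid, dst.st_uid)
            if allowed(fst, uid, gids, 0o2):
                findings[rel] = "overwritable in place"
            elif dir_ok and not sticky:
                findings[rel] = "deletable or replaceable via writable directory"
    return findings

def build_sample_tree():
    """Constructed sample layout; returns (root, uid that is neither owner nor in the group)."""
    root = tempfile.mkdtemp(prefix="backup-audit-")
    layout = {  # relative file path: (directory mode, file mode)
        "locked/full.img": (0o755, 0o644),
        "open/daily.img": (0o755, 0o666),
        "shared/weekly.img": (0o777, 0o444),
        "sticky/monthly.img": (0o1777, 0o444),
    }
    for rel, (dmode, fmode) in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path))
        with open(path, "wb") as fh:
            fh.write(b"constructed sample data")
        os.chmod(path, fmode)
        os.chmod(os.path.dirname(path), dmode)
    return root, os.getuid() + 12345

if __name__ == "__main__":
    root, everyday_uid = build_sample_tree()
    for rel, why in sorted(exposed_backups(root, everyday_uid).items()):
        print(f"{rel}: {why}")
```

Note that the read-only file in the writable folder is still reported: marking a backup file read-only does not protect it if the account can write to the folder that holds it.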
If you or your business puts everything in the cloud, you might feel safe from a local attack like ransomware, but think again. What's protecting your company's data on these services? A user name and password? What about the employees inside these cloud companies? Since they have physical access to the servers, what can they do to your data?
Finally, one tool we all have access to in the fight against cyber attacks is choice. We can demand that companies with access to personal data (health, financial, otherwise), cloud services and software providers do more to enhance security by taking our business elsewhere if a breach occurs or security is found to be lacking. Security for systems should be at the core of every service we use. If it's not, then the onus is on us, the consumers, to vote with our wallets and choose services that do care about us. Attacks will happen and companies should be prepared to protect themselves and their customers.