Ransomware, A malicious malware that cyber criminals use to hold computer or computer files for ransom has become an increasingly popular way for malware authors to extort money from companies and consumers alike.
In today’s ‘information age’, any temporary loss of data can totally disrupt business-critical processes leading to Lost sales, Reduced productivity, Significant costs for system recovery.
As of 2016, it was considered one of the most prevalent forms of attack against computer systems, requiring limited exposure to vulnerabilities and minimal reconnaissance on target.
We have seen a big number of Ransomware attacks on hospitals pausing a great threat-to-life because they directly threaten a hospital’s ability to provide patient care, that puts patient safety at risk.
Financial institutions and other organisations have also being victims of ransomware attack recently – Some organisations (e.g Chilean bank BancoEstado) were forced to shut down its services due to the attack.
We are at point where “Ransomware as a service – RaaS” is getting popularities which cause the rise of ransomware attacks despite of the Anti-Ransomware cross-industry initiative named, No More Ransomware – A global campaign to combat Ransomware attacks to help Ransomware victims recover their data without having to pay ransom to cyber criminals which was initiated by Europol, The Dutch National Police, Intel Security and Kaspersky Lab.
Organisations and individual alike are encouraged to follow these simple guidelines to combat ransomware attacks.
Back up your important data –The single biggest thing that will defeat ransomware is having a regularly updated backup. Be sure to keep backups offsite where attackers can’t find them.
Install Software Updates –Malware authors frequently rely on people running outdated software with known vulnerabilities, which they can exploit to silently get onto your system. Ransomware like WannaCry and NotPetya relied on unpatched vulnerabilities to spread around the globe. Therefore, its strongly advised to Patch early, patch often.
Make use of reputable security suite – Most malware relies on remote instructions to carry out their misdeeds. It is strongly advised to have Use anti-ransomware protection, anti-malware software and a software firewall to help you identify threats or suspicious behaviours. Malware authors frequently send out new variants, to try to avoid detection, so this is why it is important to have layers of protection.
Educate your users – People are often the most vulnerable element in any business – Teach your employees about IT security basics, including: Awareness of phishing and spear-phishing risks. The security implications of opening any email attachment that looks suspicious–even if it appears to be from a trusted source.
Have a well-tested procedure to respond to Ransomware – Well tested assumptions should be documented and shared to all users of the IT assets, this way will get the organization or an individual familiar with which steps to be taken in the event of ransomware or the like so as to safeguard oneself as well as organization data.
It should be noted that the recent rash of ransomware attacks has generated a lot of breathless news coverage, mainly because it is a departure from previous trends in financially motivated malware (which tended to be stealthy and thus not data-damaging).
Ransomware can certainly be frightening, but there are many benign problems that can cause just as much destruction.
That is why it has always been, and always will be, best practice to protect yourself against data loss with regular backups.
That way, no matter what happens, you will be able to restart your digital life quickly.
If anything, good can come out of this ransomware trend, it is an understanding of an importance of performing regular, frequent backups to protect our valuable data.
In addition, regularly install program updates, and purchase reputable security tools. Good cyber hygiene and best practices are important to protect an organization from a ransomware attack.
Using two-factor authentication across an organization has proven effective in reducing the likelihood of an attack. It is also critical to know your threat landscape, know who has access to your assets and to secure those assets. Managing the configurations and patching of your assets will increase your security posture and decrease the risk of attack.
While cyber security should always be a top priority, it is important stay vigilant and keep data safe from malicious actors.
The document is prepared by Augustina Baker (TechWarn, USA) and Eng. Gaspari Shiliba (Cybersecurity Specialist, TZ) – Edited by Yusuph Kileo (Cybersecurity and digital forensics Expert , AfiCTA board).