Focus on Security: Everything you want to know on Ransomware

Key takeaways

• Cybercrime, especially ransomware, has increased sharply during the current pandemic
• The clues to preventing ransomware lies is understanding how it works
• Threefold path to prevent, detect and protect against ransomware

Cyberattacks are the fastest growing crime in the US, causing catastrophic business disruption. Cybersecurity Ventures predicts that global cybercrime costs will reach $10.5 trillion by 2025 and will cause more damage than natural disasters and cause more damage than most other illegal activities.

The current pandemic has also seen a sharp spike in cybercrime – the most common attacks include cross-site-scripting, phishing, denial of service and ransomware, which has skyrocketed for the past two years. One of the reasons for this surge is the increase in work-from-home (WFH) and remote employees and the gaps exposed when on-site security policies do not translate perfectly into remote policies. Other culprits include outdated security practices, outmoded equipment and subpar policy adherence. These problems correlate strongly with a lack of security leadership – ISACA (previously Information Systems Audit and Control Association) reports that 87% of executives and board members lack confidence in cybersecurity initiatives.

What makes ransomware so lethal? Ransomware is a program that executes encoded instructions once it gains entry into an organization’s network. It rapidly accesses and encrypts the operating system (OS), systems, backup data and other files, rendering them unusable and bringing the organization to an absolute standstill. Hackers use extremely strong encryption standards such as RSA-2048, AES-256 or a combination of both, making them virtually unbreakable. Additionally, some ransomware programs can detect any attempts to decrypt and will destroy the data or make it irretrievable. Then, the attackers demand a settlement or ‘ransom’ in exchange for the decryption key and process to restore normal operations.

Corporations and small and mid-sized enterprises (SME) alike can safeguard their organizations against ransomware and other attacks witha robust security framework of policy, tools and education.

Organizations must build and mature their security stance to improve their cyber resilience and inspire confidence among their customers, employees and partners. Strong, proactive cyber security policies and their adherence can protect organizations from malicious actors. 

An organization’s security is only as strong as its weakest link and even if one employee drops his or her guard, it can exposed the organization to cyberattacks as seen so often. Social engineering still remains the number one point of entry for attackers, followed by breaches in data security and inadequate patch management.  To counteract it, organizations must invest in security education and awareness programs that correspond its threat landscape. 

Organizations should deploy effective tools to detect and prevent ransomware attacks, use behavioural patterns to analyse anomalies and proactively neutralize suspicious activity before it can cause damage. New technologies such as machine learning (ML) algorithms can effectively supplement coverage against ransomware.

Most importantly, leaders and board members must align, endorse and embrace cybersecurity as the path to minimize organizational risk. This is key to the success and longevity of an organization.