This cybersecurity awareness month, we’re going to brief you on current hot topics in the cybersecurity space. This week, we’re talking ransomware.
Chances are high that “ransomware” has been a common term tossed around your office over the last several months. The increase in enterprise ransomware attacks so far this year is enough to make any IT team or business leader nervous, to say the least.
Today, we’re going to address the questions:
- What is ransomware?
- Why are ransomware attacks so successful?
- Why have enterprise attack numbers increased?
- Who’s at risk?
- And what can your organization due to prepare?
At its core, ransomware is a strain of malware that encrypts files on a machine or network system. In order for the victim to regain access to its data, a ransom must be paid (typically in cryptocurrency) to the attacker. Depending on your data separation, network segmentation, and incident response plan, the effects of a ransomware attack vary in severity.
Ransomware first became a household term in 2017 after WannaCry quickly infected more than 400,000 hosts across the world. The game changed that day and we’re all still trying to play catch up. Attackers are constantly searching for new, more sophisticated ways to execute ransomware attacks and evade detection. This year alone, enterprise attacks have rapidly increased because attackers have found strategic targets, they believe are likely to pay out – targets like MSPs, local governments and municipalities, and healthcare organizations. Additionally, the increase in cyber insurance policies has increased the number of ransoms that are paid. We can assume, more ransom payments equal more ransomware attacks.
While firewalls and anti-virus solutions are a critical component of any strong security strategy, they are not the “ransomware silver-bullets.” To best prepare for a ransomware attack, invest in a ransomware simulation tool to determine the impact of a potential attack, and test your incident response plan – What happens in your organization if a ransomware attack occurs? Do you have backups? Can you recover from those backups? Don’t assume. Prepare for the inevitable.