2020 is no one’s favourite year, but even without the added pandemic anxiety and costs, things don’t look great for businesses with low IT security.
With more users going online (for shopping, work, and entertainment), we also see an increase in cyberattacks. Businesses and organisations everywhere face new challenges that can prove costly and damaging without proper protection and protocols.
According to the latest statistics, ransomware attacks are some of the most efficient and popular among ill-intended actors. A recent study by Cybersecurity Ventures shows that ransomware attacks may cost global organisations up to $20 billion by 2021.
Of course, ransomware is not the only threat lurking in the shadows, but since it is one of hackers’ favourite method of attack, let’s take a look at what it is and how to fight it.
What is ransomware?
Kevin Mitnick, a former hacker turned good (he used to be one of the most wanted hackers in the world), warns us that ransomware is the no. 1 threat to organisations everywhere.
The word “ransomware” comes from the words ransom and software. In short, this is a piece of malicious software designed to scramble or encrypt all the files in a computer, network, or database, so the owner can’t access the content.
Basically, your files or data are being held hostage, and the only way to get access back to it is to pay the attackers the requested ransom. Furthermore, this doesn’t guarantee you’ll get full access back, and it doesn’t protect against any future attacks.
How does it happen?
According to Kevin Mitnick, the most common method to breach one’s network is called “SpearPhishing”. For this, a malicious email is sent to all the employees in the organisation. Of course, the email will be crafted to seem like it’s coming from a trustworthy source, so users won’t suspect a thing.
Once someone clicks on the link embedded in the email or open the attachment, malware software is installed on the respective unit. The software then encrypts all the data on the said machine as well as any other servers or computers it connects to.
But there’s one extra layer to ransomware attacks called “Ransomcloud”. In this stage, cybercriminals deploy ransomware into your cloud services like Office 365 or Google Workspace. The purpose here is to encrypt all your emails and files, removing your access to any data.
This scenario is very scary as many companies use their cloud accounts to communicate with employees, suppliers, customers, and more.
How to stay safe
Kevin’s main recommendation for businesses and organisations everywhere is to use a Managed Service Provider (MSP) to prevent this from happening. These are professionals who can help improve your IT security and, if an attack still happens, recover from it without huge losses.
Of course, not every MSP is a good fit, so here are a few traits to consider when looking for one:
- They should be able to educate your employees about phishing attacks and how to steer clear of them (since this is the main way RansomCloud happens).
- A good MSP must know how to Deploy defensive technologies like Endpoint Detection and Response (EDR) tools to detect malware (like Ransomware) to stop it in its tracks once activated.
- Great support, with the option to come onsite and help the business recover.
- Have backups of both your local and cloud data using a Software as a Service (Saas) backup provider.