Beware of Targeted Ransomware Attacks

Increasingly, cyber criminals are moving away from random phishing attacks and towards targeted attacks on larger organisations.

Ransomware has emerged as one of the top threats facing businesses around the world today. This particularly cruel type of malware works by infecting a system and encrypting files, and demanding a ransom payment in exchange for the decryption key. Without the key, the data will be nothing more than a series of scrambled numbers. Last year, there was a more than fourfold increase of ransomware detections. Additionally, targeted ransomware attacks against larger organisations are on the rise; Europol have reported that cyber criminals are increasingly moving away from so-called “scatter gun attacks” to more targeted strikes on organisations with the means to pay ransoms of up to €1million. More commonly, ransomware is spread through phishing attacks or drive-by downloads that execute the ransomware. But attackers are now gaining access to victims’ networks through vulnerability exploitation, and then spreading to any connected systems and encrypting files, often including those stored as backups.

So how can businesses protect themselves against targeted ransomware attacks? McAfee advises that businesses take several precautions to avoid falling victim to a targeted ransomware attack. While there are certainly no silver bullets that can protect a business from a targeted ransomware attack, there are several measures that should be undertaken. Any security updates must be installed immediately. Cyber criminals exploit known vulnerabilities in third-party software, so disciplined practices when it comes to security updates is paramount. You should also ensure that your security software is updated, as it may be able to detect an incoming attack. A good backup and recovery strategy is also vital; backed up data should be stored in a separate location, as backups can often be encrypted to if accessible. To prevent downtime due to a ransomware attack, the recovery strategy should be tested frequently.