Most people are aware that ransomware is a type of malware that locks you out of your system or encrypts business critical files and then demands payment for their release. But is the problem as bad as some would lead you to believe?
What the industry is saying?
As we press into 2021, the number of ransomware threats are increasing significantly for a number of reasons such as the payments of victims being publicized. This in turn attracts more bad actors like ProLock and DoppelPaymer, in turn making ransomware so commonplace that we now see Ransomware-as-a-Service (RaaS) in operation. This is where hackers lease out their malware for a fee to other cybercriminals propagating security breaches. The online blackmail industry is now worth approximately $6 trillion, raking in over $1 million a week with a new victim being added every 14 seconds.
What are organisations doing about it?
In the UK ransomware attacks surged 80% at the back end of 2020. Since then, authorities have been advising companies from every sector to stop paying to get rid of the problem. As of early February, ransomware payments have declined marginally with more victims refusing to pay.
Whilst this is a good start, the most effective route to combat ransomware lies in what companies are not doing, that is failing to take the threat of ransomware seriously enough in the first place. Organisations seem content to carry on with the mandated once-a-year cyber-security training courses which focus primarily on phishing emails & click-bait. Whilst these are still worthwhile, additional measures are needed due to the impact of Covid-19 which has led to many more people working from home.
Therefore, a layered security approach for all endpoints and the core storage systems of any organisation is essential. Proper security awareness training extends beyond security that only examines the HTTP traffic or DNS record. Comprehensive methods of protecting all files and mitigating insider threats is needed.
Financial, Public and Healthcare sectors seem to be a prime target for ransomware, but as we know it is not industry specific. I have personally experienced the effects of this as a customer through the attack on Garmin last summer, as I lost the training functionalities of my Garmin sports watch when they fell victim to an attack demanding a $10 million ransom. Garmin paid an undisclosed million-dollar figure, but the damage cannot be accurately quantified as they may have lost displeased customers.
How can ProLion form part of your overall cyber security?
One undeniable reason why you should care more than ever about Ransomware is the removal of barriers to entry. With the introduction of RaaS, many more criminals can now operate, and now it’s not only large organisations that fall victim, but also SMEs, local government and councils, and even sports teams, resulting in massive business disruption, reduced revenue, and disenfranchised customers.
The call to action is simple – be proactive. We have seen with the Covid-19 response that most people would not wait till they are infected with a virus before doing something about it. Likewise, with ransomware, do not wait till it is too late! In the famous underlining principle of medicine – prevention is better than cure. Visit https://prolion.com/cryptospike . Check out our free scanner for your ONTAP systems https://prolion.com/en/ransomware-scanner