How to prepare for Ransomware attacks in 2022
Part of the danger of ransomware is that it's constantly evolving, and according to the National Cyber Security Centre, there were three times as many ransomware attacks in the first quarter of 2021 as in the whole of 2019.
Now, a new study from PwC shows 61% of UK businesses believe we will see even more incidents in 2022.
So, with the threat growing as we head into the new year, businesses will need to take more care than ever to avoid being hit by ransomware.
Here are three of the latest ransomware trends and seven ways you can better protect your business:
The switch to using personal mobile devices for work is a major weak spot for any business. Many businesses have adopted a Bring Your Own Device policy in the last two years, and hackers are taking advantage of the fact that smartphones and tablets do not have security protocols as strong as those on the office PCs.
Typically, ransomware is downloaded when a user is tricked into opening an email attachment, clicking a link, or visiting a website that’s embedded with malware. Ransomware can also gain entry to your network through an infected device, such as a USB stick.
Businesses, generally, need to up their game when it comes to cybersecurity, which they can do by adopting policies such as multi-factor authentication and zero-trust network access, so employees can access everything they need to work securely.
IoT devices are everywhere these days and Gartner predicts that there will be over 25 billion of them before the end of the year. That’s a lot of vulnerable devices hackers can target – and presents a huge challenge for whoever will be tasked with deploying, managing, and securing all of these.
To protect your business properly from this threat, you need to make sure you have full visibility of all devices moving in and out of your network. After all, you cannot protect something you can’t see. You’ll then be able to ensure the correct actions are taken, such as changing default settings, including passwords, and disabling unneeded services to protect your people from any threats.
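One way to turn that visibility into a routine check, shown as an added example that is not part of the original article: compare what is observed on the network against an approved inventory and flag unknown devices, unchanged default passwords and unneeded services. The inventory layout, field names and sample devices are assumptions constructed for illustration.

```python
# Constructed sample data: approved asset inventory keyed by MAC address.
# "allowed" lists the services each device needs; anything else is unneeded.
INVENTORY = {
    "aa:bb:cc:00:00:01": {"name": "lobby-camera", "allowed": {"rtsp"}},
    "aa:bb:cc:00:00:02": {"name": "office-printer", "allowed": {"ipp"}},
    "aa:bb:cc:00:00:03": {"name": "door-controller", "allowed": {"https"}},
}

# Constructed sample of what a scan or DHCP/NAC export might report.
OBSERVED = [
    {"mac": "AA:BB:CC:00:00:01", "services": {"rtsp", "telnet"},
     "default_password": True},
    {"mac": "aa:bb:cc:00:00:02", "services": {"ipp"},
     "default_password": False},
    {"mac": "de:ad:be:ef:00:09", "services": {"http"},
     "default_password": False},
]


def audit(inventory, observed):
    """Return a sorted list of (mac, issue) findings."""
    findings = []
    seen = set()
    for dev in observed:
        mac = dev["mac"].lower()  # normalise case before comparing
        seen.add(mac)
        entry = inventory.get(mac)
        if entry is None:
            # A device you cannot account for cannot be protected.
            findings.append((mac, "unknown device: not in inventory"))
            continue
        if dev["default_password"]:
            findings.append((mac, "default password still set"))
        for svc in sorted(dev["services"] - entry["allowed"]):
            findings.append((mac, f"unneeded service enabled: {svc}"))
    # Devices that have left the network also need explaining.
    for mac in sorted(set(inventory) - seen):
        findings.append((mac, "inventoried device not seen on network"))
    return sorted(findings)


if __name__ == "__main__":
    for mac, issue in audit(INVENTORY, OBSERVED):
        name = INVENTORY.get(mac, {}).get("name", "?")
        print(f"{mac}  {name:<16} {issue}")
```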
Double extortion threat
Up to 40% of cyberattacks now involve a form of double extortion. Instead of just encrypting files, double extortion ransomware removes the data from your network first; then, if you refuse to pay the ransom, your data is leaked online, passed to the media, or sold to the highest bidder.
With this type of threat, keeping systems updated has never been more important. It is also vital that your business has a security strategy that includes the use of data loss prevention tools. These tools can stop the extraction or encryption of the data which initiates these double extortion attacks.
Clearly, it is crucial that businesses do all that they can to identify and stop these attacks before they cause major damage.
Here are some of our prevention tips:
- Run regular backups
Having a regular and frequent backup process in place can significantly limit the damage caused by a ransomware attack, as encrypted data can be restored without paying a ransom. Use a backup technology that is ring-fenced and uses intelligent technology to protect different versions of your data.
Use at least two different backup methods, each stored at a different location.
- Keep software up to date
You should complete operating system and any software updates as soon as possible. Too many people see that there’s an update available for an application or their operating system and ignore it.
Software updates also usually contain patches for security vulnerabilities and need to be installed as soon as they’re made available. Since hackers’ techniques are always getting more sophisticated, software developers make patches so that they can keep up. If you do not accept these updates, then you are leaving yourself and your company vulnerable to attacks.
Speak to your IT provider about installing automatic updates whenever possible to streamline this process.
- Educate your employees
Provide regular, ongoing training in good cyber security practices so that your workers know how to spot things like malware, fraud and phishing emails more easily.
Instil in them the importance of not sharing personal details over the phone, or in response to unsolicited emails, as well as taking care with what they share on social media. Remind workers to never use unknown devices such as USB sticks.
- Control access
We suggest that you operate on the principle of zero trust. This is a security framework that recognises trust as a vulnerability – essentially saying that you can’t trust anyone or anything until it has been checked out and confirmed as genuine. It requires all users, inside and outside an organisation’s network, to be authenticated, authorised, and validated before they are granted access to applications and data.
If you choose to use this, we advise that you review and remove unnecessary user permissions regularly.
- Segment your network
Network segmentation, which involves splitting off a larger network into smaller segments using firewalls, virtual LANs, and other techniques, doesn’t prevent cyberattacks from happening. However, it does stop malware or hackers from moving about within your network – a key part of double extortion ransomware attacks. Cybercriminals can’t exploit something they can’t access.
- Email security
This is crucial to combat the threat of phishing or other attacks that eventually lead to ransomware. One thing you could introduce as part of a security policy is email encryption. When you encrypt an email containing sensitive information, it means that you disguise the information so that hackers can’t read it. A public key, in the form of a digital code, is used to encrypt an email and a private key is used to decrypt an email.
- Get password security under control
The majority of ransomware attacks involve either remote desktop credential compromise or phishing – in other words, they enter your device through brute force by finding your password. You need to implement robust password security protocols, including requiring employees to use strong, unique passwords for every account and to enable multi-factor authentication (MFA) whenever it’s supported.
The bottom line is that back-ups can no longer be solely relied upon to save the day, ransomware attacks are continually evolving, and strict cybersecurity measures can help prevent and conquer them.