Ransomware, the most prolific cyber threat of the moment, gains foothold in organizations and companies via file-sharing networks, e-mail attachments, malicious links or compromised websites that allow direct downloads. The first quarter of 2016 saw 3,500% growth in the number of ransomware domains created, setting a new record.
According to a Bitdefender study carried in the United States last year, ransomware is mentioned second in the top CIO concerns for medium and large companies. According to the findings of that study, 13.7 percent of the interviewed companies perceive ransomware as a hard-to-tackle threat. The study also shows that ransomware and rootkits are perceived as particularly difficult to tackle by companies with limited experience in malware attacks.
To prevent a ransomware attack, experts from Tech Pro Research say IT and information security leaders should do the following:
- Keep clear inventories of all your digital assets and their locations so cybercriminals do not attack a system you are unaware of.
- Keep all software up to date, including operating systems and applications.
- Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
- Back up all information to a secure offsite location.
- Segment your network: Don’t place all data on one file share accessed by everyone in the company.
- Train staff on cybersecurity practices, emphasizing that they should not open attachments or links from unknown sources.
- Develop a communication strategy to inform employees if a virus reaches the company network.
- Before an attack happens, work with your board to determine whether your company will plan to pay a ransom or launch an investigation.
- Perform a threat analysis in communication with vendors to go over cybersecurity throughout the lifecycle of a particular device or application.
- Instruct information security teams to perform penetration testing to find any vulnerabilities.
Ransomware was seen as a major threat in the top predictions list in cyber security for 2016 by Bitdefender CTO Bogdan Dumitru. This March, Palo Alto Networks researchers revealed KeRanger ransomware targeted Mac users for the first time, realizing Bitdefender’s predictions about ransomware’s expansion to new operating systems in 2016.
“We’ve already seen ransomware for Linux, Windows and Android. Mac OS is just around the corner,” he said in December 2015. “It targets both consumers and companies, and the 2016 versions not only will encrypt files and ask for ransom, but will also make all documents available on the internet if ransom is not paid. In an ironic twist, the victim will be able to recover encrypted files – when they are uploaded on the internet for public shaming.”
“Ransomware has probably been the largest unresolvable threat to Internet users ever since 2014, and it will remain one of the most important drivers of cybercrime in 2016,” Bitdefender noted. “While some operators will prefer the file encryption approach, some more innovative groups will focus on developing ‘extortionware’ (malware that blocks accounts on various online services or that expose data stored locally to everybody on the Internet). Throughout 2016, file-encrypting ransomware will most likely expand to Mac OS X as well.”
Last year, reports show millions of users fell victim to CryptoWall version 3.0 (and many go unreported), adding over $350 million to cyber-criminals’ bank accounts.