Subscribe to Email Updates

Subscribe

rsz_combination-lock-1224671_960_720.jpg

Ten tips to avoid your company becoming ransomware’s next victim

By Razvan Muresan on Sep 06, 2016 | 0 Comments

Ransomware, the most prolific cyber threat of the moment, gains foothold in organizations and companies via file-sharing networks, e-mail attachments, malicious links or compromised websites that allow direct downloads. The first quarter of 2016 saw 3,500% growth in the number of ransomware domains created, setting a new record.

According to a Bitdefender study carried in the United States last year, ransomware is mentioned second in the top CIO concerns for medium and large companies. According to the findings of that study, 13.7 percent of the interviewed companies perceive ransomware as a hard-to-tackle threat. The study also shows that ransomware and rootkits are perceived as particularly difficult to tackle by companies with limited experience in malware attacks.

To prevent a ransomware attack, experts from Tech Pro Research say IT and information security leaders should do the following:

      • Keep clear inventories of all your digital assets and their locations so cybercriminals do not attack a system you are unaware of.
      • Keep all software up to date, including operating systems and applications.
      • Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
      • Back up all information to a secure offsite location.
      • Segment your network: Don’t place all data on one file share accessed by everyone in the company.
      • Train staff on cybersecurity practices, emphasizing that they should not open attachments or links from unknown sources.
      • Develop a communication strategy to inform employees if a virus reaches the company network.
      • Before an attack happens, work with your board to determine whether your company will plan to pay a ransom or launch an investigation.
      • Perform a threat analysis in communication with vendors to go over cybersecurity throughout the lifecycle of a particular device or application.
      • Instruct information security teams to perform penetration testing to find any vulnerabilities.

      Three in four security professionals see the re-emergence of ransomware as the greatest new threat to appear in the last 12 months, according to a recent survey, cited by HOT FOR SECURITY.

      Ransomware was seen as a major threat in the top predictions list in cyber security for 2016 by Bitdefender CTO Bogdan Dumitru. This March, Palo Alto Networks researchers revealed KeRanger ransomware targeted Mac users for the first time, realizing Bitdefender’s predictions about ransomware’s expansion to new operating systems in 2016.

      “We’ve already seen ransomware for Linux, Windows and Android. Mac OS is just around the corner,” he said in December 2015. “It targets both consumers and companies, and the 2016 versions not only will encrypt files and ask for ransom, but will also make all documents available on the internet if ransom is not paid. In an ironic twist, the victim will be able to recover encrypted files – when they are uploaded on the internet for public shaming.”

      Ransomware has probably been the largest unresolvable threat to Internet users ever since 2014, and it will remain one of the most important drivers of cybercrime in 2016,” Bitdefender noted. “While some operators will prefer the file encryption approach, some more innovative groups will focus on developing ‘extortionware’ (malware that blocks accounts on various online services or that expose data stored locally to everybody on the Internet). Throughout 2016, file-encrypting ransomware will most likely expand to Mac OS X as well.”

      Last year, reports show millions of users fell victim to CryptoWall version 3.0 (and many go unreported), adding over $350 million to cyber-criminals’ bank accounts.

      continuous sec
Share This Post On

Author: Razvan Muresan

Former business journalist, Razvan is passionate about supporting SMEs into building communities and exchanging knowledge on entrepreneurship. He enjoys having innovative approaches on hot topics and thinks that the massive amount of information that attacks us on a daily basis via TV and internet makes us less informed than we even think. The lack of relevance is the main issue in nowadays environment so he plans to emphasize real news on Bitdefender blogs.