A Familiar Foe — Preventing Ransomware’s Resurgence

Written by

If data security were a superhero, ransomware could be its arch nemesis – a persistent foe that won’t ever be completely vanquished.

Just when we thought ransomware was on the wane, it came back with a vengeance. In 2019, for example, several high-profile attacks against government municipalities in Baltimore, Maryland; Riviera Beach, Florida; and 22 Texas cities permeated the news cycle, and a McAfee report found that ransomware attacks increased 118 percent across all sectors in Q1.

Most enterprise organizations are aware of ransomware’s dangers and the steps necessary to mitigate risk. So why do these attacks continue with success? 

The state of ransomware in 2019
It is true that ransomware attacks have seen a downturn in popularity among hackers since enterprises began taking data security more seriously. For hackers able to identify and infiltrate systems that are lagging behind, however, the payday is still high. 

The widespread hit on small town governments, for example, is likely a result of legacy infrastructure, outdated hardware and software applications, a reluctance to install patch updates and a general lack of security funding. The hackers targeted municipalities that they correctly assumed wouldn’t have updated or complex data security processes in place.

With these types of new, vulnerable targets identified, hackers have once again become confident in ransomware attacks, spawning new offensives on local governments and public services across the United States. As the attacks grow, so does the money involved: Coverware reported in Q2 2019 that the payout for ransomware attacks has tripled from Q1, with each attack now averaging a $36,295 ransom.

Successful attacks breed confidence for more attacks. By gaining confidence, momentum and money through smaller attacks, hackers are able to open the door to larger-scale operations. With an onslaught of smaller attacks across government agencies, hackers are finding their stride through practice and increasing their understanding of what works best, making ransomware once again a prevalent and serious threat.

It’s getting smarter: attacks on IoT connected software, such as smart home devices and traffic cameras, are expected to grow as reports of the data vulnerability of IoT devices is widely circulated. 

It isn’t too late for protection
The cost of a ransomware attack doesn’t stop when the ransom is paid. If the company does succumb to the hackers’ demands, it still has to front the costs to get systems back on track. For the governments affected, this sometimes also means having to go back to the dark ages and front of the costs of manual labor and paper-sorting until the attack is past. In several government municipalities and in the wake of the massive Sony attack, staffers were forced to use paper and pens to conduct business as usual.

It’s better to stop ransomware before it happens. The best defense against ransomware entails both prevention and recovery methods. Here are a few steps necessary for protection against ransomware, or at least processes to minimize its impact:

Frequent Backups of Data: Essentially a fail-safe in the event of an attack, frequent data backups allow enterprises to revert data back to a previous save point rather than pay the hefty ransom to get it back from the hackers. These backups should be stored offline, where ransomware cannot infiltrate and corrupt them.

Restrictions to Data Access: When more people have access to vulnerable data, there are more avenues a hacker can infiltrate. Executives should be able to grant and revoke access to data stores instantly to third-party, contract or temporary employees, or anyone else who isn’t necessary for operation.

Only Operate Updated Software :Security professionals should consistently ensure that their company is operating on up-to-date software, making it harder for hackers to identify vulnerabilities in the system.

The Battle Rages On
Like Batman’s Joker or Spiderman’s Green Goblin, ransomware will continue to torment the lives of data security executives worldwide. As the battle goes on, however, enterprises can get a head start on defense by taking a few necessary precautions – and hopefully, one day, this foe will be defeated for good. 

What’s hot on Infosecurity Magazine?