In 2016, the FBI warned of the rise of the incidents of ransomware. Since then, these malicious applications have continued to grow in sophistication. Evolving new cyberattack modelsare being developedresultingin attackers being able to launch more sophisticated and profitable attacks on a larger global scale. Consequently, the incidences of these attacks have doubled to 27 percent of cyberincidents over the previous year, 2016 . To put this trend in perspective, there were 638 million ransomware attacks in 2016, per the SonicWall GRID 2017 Threat Network .This means that organizations across multiple countries have been targeted with close to 4 million ransomware attacks per day in 2017.
WannaCry and Petya, two well-known ransomware attacks have affected thousands of targets across the world severely disruptingmany vital services. For instance, it has been reported that WannaCry was able to spread to over 250,000 computers in 150 countries . As a result, a wide range of services has been impacted, including health care, education, public services, law enforcement, utilities, and financial services. These developments further underline that all organizations, regardless of size, type of business or location are at risk.
Ransomware is adeceptive type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them. A ransomware comes in different forms or strains, including encrypting or screen locking ransomware. They are also extremely disruptive to the daily operations of an organization, since it likely takes an average of 23 days to resolve a ransomware attack, per the 2017 Cost of Cybercrime Study .The same report also stated that global organizations spent on average $532,914 annuallyon ransomware attacks. While this figure is relatively low when compared to other types of attacks (e.g. malware, denial of service attacks), it is still very high. Further, it is envisioned that attackers will begin to demand more and become even more disruptive, thereby raising the costs incurred by targeted organizations. While larger organizations are generally targeted with larger ransoms, it is crucial for small and medium-sized organizations to also be prepared and protect their networks.
Organizations can include both offensive and defensive security strategies in their fight against ransomware. That is, there are strategies to reduce the risks of attacks and there are strategies to employed when fallen victim to an attack. Although, an organization may believe they will not likely become a victim, it is essential that both strategies are included in the security policies and risk management practices and procedures. Additionally, the organization should adopt security measures that include:
- modern firewall protection that can detect and prevent ransomware;
- modern sandboxing solutions that include critical and high-risk applications, including email security;
- decryption technologies to minimize risks from encrypted traffic;
- adopting evolving security best practices to ensure that the organization is fitted with responsive practices that can thwart the changing models and strategies of ransomware attacks; and
- continuous security training and awareness to minimize user vulnerabilities.
Wilson Consulting Group (WCG) aims to guide you in making suitable investments that can minimize your risks of ransomware and other cyberattacks. Our vulnerability assessment services are designed to evaluate threats and vulnerabilities and assess the resilience of an organization network, systems and processes. WCG also offers relevant risk management services including application security assessment and penetration testing, and other security services tailor made to your needs and requirements. Let us help you in defending your organization against ransomware attacks and improve your overall security posture.
