Ransomware is indiscriminatory: Prepare for everything to fail

Ransomware attacks continue to grow in frequency. In the past 12 months, 76% of organizations have been affected by ransomware attacks, constituting a 15% YoY rise according to Veeam’s Data Protection Trends Report 2022. As well as being more common, ransomware is also getting more potent. When businesses are struck by ransomware, they are unable to recover over a third (36%) of the data they lose on average. The threat landscape is as volatile as it has ever been. There are more attacks taking place. They are more diverse. And they can have grave consequences for the companies they affect.
On the other hand, rather than tremble with fear at the awesome power of the cyber attacks waiting to be deployed against them, organizations must focus on what they can control – their defence. Protecting your business against cyber-attacks requires following some fundamental and consistent principles – no matter what is being thrown at you.
The ransomware wild west
There is a lawless and brutal feeling about the current cyber landscape businesses operate in. It is difficult for governments to hold cybercriminals to account and businesses are often keen to minimise public attention towards an incident that has compromised them. This contributes to a situation where almost all the focus is on the victim (the business) rather than the criminal (the attacker).
Furthermore, ransomware – and most contemporary cybercrime – is almost indiscriminatory in terms of those who suffer. The fact is that every business is a target. Yes, hacktivist organisations such as Anonymous use organised cyber-attacks as a means of exercising social justice and to call out businesses or governments they view as immoral, unlawful, or dangerous. But even the most philanthropic and virtuous companies can find themselves begging a cybercriminal gang to restore their data and systems while a hefty ransom is demanded of them to do so.
You often see a comparison made between cyber-attacks and fishing. Hence the term ‘phishing’ which refers to using an email or text being used as bait to trick a victim into ‘biting’ – in this case clicking on the link and unwittingly downloading malware onto their device. With ransomware especially we are now seeing industrial-scale attacks being carried out which are more analogous to trawler fishing. This isn’t one guy with a rod casting out to get a bite off one or two fish. It’s AI-infused algorithms programmed to target everyone and everything – playing a blind numbers game to catch whatever it can.
This indiscriminate nature is compounded by the fact cyber-attacks are generally difficult to contain. For example, cyber warfare between nation states is a threat to every organisation – not just those deemed to be in the firing line. We saw this with the NotPetya attack in 2017 – an attack on a specific utility company – which impacted multiple unrelated organisations through an entirely organic spread of the chaos. Attack types also continue to evolve. For example, the LokiLocker attack was one of the first reported strains of ransomware to include a disk wiper functionality. This means organisations are not only held to ransom by having services suspended and threats of data extortion. Now they are being threatened with losing vast swathes of data completely if they do not pay up.
Consistent principles of defence
There is some good news for businesses. No matter how scalable, spreadable, or malicious an attack is, these various evolutions can be viewed as attackers simply using bigger guns and more of them. The fundamental principles of how you prepare your defences against even the most sophisticated and powerful ransomware stay relatively the same.
First, practice impeccable digital hygiene. All employees must be trained to identify suspicious content and be warned of the impact that malpractice using work devices can lead to. For all the might at the hands of cybercriminals, in many ways their biggest weapons are unsuspecting employees who give them the keys to the back door of an enterprise network. Given the scatter gun approach now adopted by many cyber-attacks, criminals are not necessarily targeting your organisation specifically. But if you prove to be an easy hit, you’ll become a victim.
With that said, all businesses must prepare for their defences to fail – no matter how robust you might think they are. Concepts such as zero trust and deploying techniques such as two-factor authentication can be useful for restricting the access an attacker has to data by taking over one individual’s workstation. Ultimately, the best way to protect data is to ensure that it has been securely backed up and is fully recoverable before an incident takes place. Follow the 3-2-1-1-0 backup rule, which states there should always be at least three copies of data, on at least two different types of media, at least one off-site and one immutable or offline, with zero unverified backups or errors.
While the headlines and constant discussion around cybersecurity and ransomware can be daunting, it’s important to remember than the fundamental actions required to protect data remain the same. Modern Data Protection strategies ensure businesses can protect all data from cyber-attacks, server outages, accidental loss and deletion across physical, virtual, cloud, SaaS, and Kubernetes environments. Investing in a data protection strategy and taking advantage of a solution that enables continuous backup and Disaster Recovery (DR) can give businesses peace of mind that should the worst happen, they never need to pay the ransom.
-- Contact us at [email protected]
-
Hang Seng Index back to where it was in 1997 Ben Kwok
The hits just keep on coming for the Hong Kong stock market. At yesterday's closing, Hang Seng Index fell close to two per cent to the year-low of 16,327, below the peak in 1997. Not only Hong Kong
-
What our youth need today Brian YS Wong
The headlines say it all. The suicide rate amongst 15-24 year olds in Hong Kong rose to a record high of 12.2 deaths per 100,000 people, as compared with just over a half of this number 8 years ago.
-
Reducing water pipes leakage requires departmental collaboration Dr. Winnie Tang
Water leakage in the public water networks is a perennial problem. Mainland media reported in 2021 that the leakage rate of water pipes in some cities and towns reached 30%, and the public water
-
Sanctimonious sanctions Neville Sarony
With clockwork inevitability, the proposal by a number of US lawmakers to introduce the Hong Kong Sanctions Act provoked a locust swarm of vitriolic protests. The idea of sanctioning 49 Hong Kong
-
Opportunities brought by the ageing population Dr. Winnie Tang
According to the government projection, the average life expectancy of men and women in Hong Kong in 2022 was 81.3 and 87.2 years respectively, the highest in the world. A paper published in The