We all know ransomware hurts any organization. A successful attack often disrupts an organization’s normal operations. Typically, this results in a loss of income combined with the costs of responding to the attack. The organization’s reputation takes a hit once the news becomes public.
Over the last few years, ransomware has grown more sophisticated. Rather than just holding the data hostage by encrypting it, cybercriminals now also steal a copy and threaten to publish it. To make matters worse, targets sometimes pay the ransom hoping to get their data back, and even after paying there is no guarantee the attackers will actually decrypt it.
Coalition, a cybersecurity and cyber insurance firm, released a report this week detailing how ransomware has changed over the last year. Overall, ransomware attacks have grown more severe in multiple ways.
Ransomware Rise & Fall
According to Coalition, the number of ransomware claims fell by 18% from 2019 to the first half of 2020. However, the ransom demands have risen dramatically. The average ransom demand “increased 100% from 2019 through Q1 2020, and increased another 47% from Q1 to Q2 2020.”
Maze, a newer strain of ransomware, is harder to recover from than most, and its operators price accordingly: the average ransom demand in a Maze attack runs an astonishing 600% above the overall average.
Ransomware attacks hit nearly every industry. The most-targeted sector, consumer discretionary, accounts for only 28% of ransomware claims. Professional services comes in second with 16%, followed by healthcare at 12%, financial services at 9%, and information technology at 8%. Every other industry makes up the remaining 27%.
Ransomware Protection Recommendations
Coalition offered five recommendations to reduce cyber risk. These recommendations either cost nothing or can be implemented at a low cost.
1. Multi-factor Authentication
Turn on multi-factor authentication (MFA) for all business-critical services, including corporate email accounts, VPNs, financial accounts, and any other application where sensitive information is stored. While it is nearly impossible to prevent phishing entirely, MFA means a phished password alone is no longer enough to log in, which stops many criminals in their tracks.
2. Email Security
Implement basic email security measures: SPF, DKIM, DMARC, and an anti-phishing solution. Email is the single most targeted point of entry into an organization for a criminal hacker, and SPF, DKIM and DMARC are just DNS records, so they can be published quickly and at no cost. Publishing them is only half the job, though: a DMARC policy of p=none merely reports spoofing, and an SPF record ending in ~all only softfails it, so check that the records you publish actually enforce.
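A quick way to check whether the SPF, DKIM and DMARC records a domain publishes actually enforce anything is to parse them for the weak settings receivers quietly let through. The script below is an added example, not code from the original article or from Coalition; it runs offline against constructed sample records for a hypothetical domain (`example.test`, a placeholder DKIM key, and a stand-in `sample_lookup` function that you would replace with a real DNS TXT query, for instance via dnspython) and returns a list of findings, an empty list meaning the basics are in place.

```python
"""Flag the weak SPF, DKIM and DMARC settings that leave a domain open to
spoofing. Added example: runs offline against constructed sample records;
swap `sample_lookup` for a real DNS TXT query (e.g. dnspython) to use it."""
import re

# Constructed sample TXT records for a hypothetical domain. Neither the
# domain nor the records are real, and the DKIM key is a placeholder.
SAMPLE_TXT = {
    "example.test": ["v=spf1 include:_spf.mailhost.test ip4:203.0.113.0/24 ~all"],
    "_dmarc.example.test": ["v=DMARC1; p=none; rua=mailto:dmarc@example.test"],
    "s1._domainkey.example.test": ["v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0"],
}


def sample_lookup(name):
    """Stand-in for a DNS TXT lookup that answers from SAMPLE_TXT."""
    return SAMPLE_TXT.get(name.lower(), [])


def parse_tags(record):
    """Split a 'k=v; k=v' record (DMARC/DKIM style) into a lowercase-key dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def _costs_lookup(term):
    # RFC 7208 section 4.6.4: these mechanisms/modifiers each cost a DNS query,
    # and more than 10 in total (nested includes count too) is a permerror.
    name = re.split(r"[:/=]", term.lstrip("+-~?").lower(), maxsplit=1)[0]
    return name in ("include", "a", "mx", "ptr", "exists", "redirect")


def check_spf(records):
    spf = [r for r in records if r.lower().startswith("v=spf1")]
    if not spf:
        return ["SPF: no record, so any host may send as this domain"]
    if len(spf) > 1:
        return ["SPF: more than one record; receivers treat that as a permerror"]
    findings = []
    terms = spf[0].split()[1:]
    lookups = sum(1 for t in terms if _costs_lookup(t))
    if lookups > 10:
        findings.append(f"SPF: {lookups} lookup-costing terms at the top level, over the limit of 10")
    qualifier = None
    for t in terms:
        if t.lstrip("+-~?").lower() == "all":
            qualifier = t[0] if t[0] in "+-~?" else "+"
    if qualifier is None and not any(t.lower().startswith("redirect=") for t in terms):
        findings.append("SPF: no 'all' term, so unknown senders get a neutral result")
    elif qualifier == "+":
        findings.append("SPF: +all authorises every host on the internet")
    elif qualifier == "?":
        findings.append("SPF: ?all is neutral, it never fails a spoofed sender")
    elif qualifier == "~":
        findings.append("SPF: ~all only softfails spoofed mail; use -all or enforce via DMARC")
    return findings


def check_dkim(lookup, domain, selectors):
    """DKIM selectors are not discoverable, so the caller must supply them."""
    usable = [s for s in selectors
              if any(parse_tags(r).get("p") for r in lookup(f"{s}._domainkey.{domain}"))]
    if not usable:
        return ["DKIM: no selector with a public key (an empty p= means the key is revoked)"]
    return []


def check_dmarc(records):
    dmarc = [r for r in records if r.lower().startswith("v=dmarc1")]
    if not dmarc:
        return ["DMARC: no record, so SPF/DKIM failures are never enforced"]
    tags = parse_tags(dmarc[0])
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("DMARC: p=none only monitors; spoofed mail is still delivered")
    elif policy == "quarantine":
        findings.append("DMARC: p=quarantine; move to p=reject once the reports are clean")
    elif policy != "reject":
        findings.append("DMARC: missing or invalid p= tag; receivers ignore the record")
    if tags.get("pct", "100") != "100":
        findings.append(f"DMARC: pct={tags['pct']} applies the policy to only part of the mail")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, so you receive no aggregate reports")
    return findings


def assess_domain(domain, lookup=sample_lookup, dkim_selectors=("s1",)):
    """Return every weakness found; an empty list means the basics are in place."""
    findings = check_spf(lookup(domain))
    findings += check_dkim(lookup, domain, dkim_selectors)
    findings += check_dmarc(lookup("_dmarc." + domain))
    return findings


if __name__ == "__main__":
    for finding in assess_domain("example.test"):
        print(finding)
```

Against the sample records the script reports two findings: the SPF record ends in `~all`, and the DMARC policy is `p=none`. The hardened versions are an SPF record ending in `-all` (after the include count is confirmed to stay at or below 10) and a DMARC record of the form `v=DMARC1; p=reject; rua=mailto:...`, typically reached by running at `p=none` until the aggregate reports show only legitimate senders, then stepping through `p=quarantine` to `p=reject`.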
3. Routine Backups
Regularly back up your systems and information, and store the backups in an “offsite” location. Offsite doesn’t have to mean physically offsite, but it does mean a location that is not connected to your main business network: a backup sitting on a network share that every workstation can reach gets encrypted right along with everything else. Keeping backups isolated makes it far more difficult for a criminal hacker to delete or encrypt them, and test restoring from them periodically so you know they work before you need them.
4. Wire Transfer Verification
Implement a dual-control process when making funds transfers. Today, it is no longer safe to assume that email is a secure means of communication. Call the intended recipient of the transfer before you make it to confirm any wire instructions provided, and use a phone number you already have on file, not one taken from the email that requested the transfer.
5. Password Management
Encourage employees to use a password manager (e.g., LastPass, 1Password, or the password managers built into web browsers such as Chrome or Safari). Using a strong, unique password for each service prevents common criminal techniques such as “brute forcing” (guessing a weak password) and “credential stuffing” (replaying a password leaked from one site against every other site where it was reused).
By far, mitigating cyber risk is preferable to recovering from an attack. If you need help implementing any of these, let Pit Crew IT bring you up to speed. Request a consultation below, and do all that you can to stop ransomware before it hits your organization.