Ransomware attacks are not a new security threat. In fact, the first was orchestrated in 1989, with its proceeds allegedly going to charity. In the past five years, however, ransomware attacks have the hit headlines across the globe. Attacks, experts say, are becoming more sophisticated, more harmful, and more frequent.
In its base form, ransomware is a type of malware designed to lock a user out of their files – typically by encrypting them with a key only the attacker knows. The methods to achieve this, however, are constantly evolving.
The notorious WannaCry ransomware is perhaps the most successful example of this. It made use of an exploit discovered by the United States’ NSA to achieve an unprecedented level of spread. It successfully hit the NHS, FedEx, and more, expanding through their network automatically to lock as many computers as possible.
Since the success of WannaCry, there has been an explosion in the number of ransomwares, some of them using similar techniques and others creating new ones. The highly-sophisticated Ryuk has had particular success in recent times, combining a credential theft trojan with manual intervention to strike swiftly across the entire network.
According to a recent SonicWall study, the number of new ransomware variants is only growing. It noted a 46% increase in new strains each year, with Ryuk accounting for a third of all attacks.
So, how high is the threat to UK businesses right now? A report by Check Point suggests higher than ever. Ransomware attacks in the UK jumped by 80% in Q3 2020 as attackers looked to exploit mass remote working. Worldwide, it says, a new organisation becomes the victim of ransomware every ten seconds.
Further, the number of so-called “double-extortion” ransomware attacks are increasing. Attackers are not only threatening to lock enterprises out of their data – they also say they’ll leak it if they don’t pay up. Nearly half of all attacks used this method in Q3 2020, making it a significant and developing risk.
Protection against ransomware attacks
With this increased threat, businesses stand to lose even more should they fall victim to a ransomware attack. As well as the weeks of downtime ransomware can bring, improper protection can lead to leaks of confidential documents and intellectual property.
Fortunately, while attacks are becoming more sophisticated, so are the cyber security solutions deployed to protect businesses from these threats. Combining sophisticated backup systems and advanced anti-malware protection, many solutions use heuristic analysis to detect known and new ransomware and stop it in its tracks. By constantly monitoring machines, these solutions will suspend a ransomware’s activities and restore a version of the file from moments before.
Further safeguards are also needed to protect local and cloud backup files. Solutions that actively monitor local files, prevent backups from being modified. When choosing cyber security backup solutions, look for products that feature strong end-to-end encryption and only allow modification by authorised agent software. This ensures that protection applies even if the ransomware tries to overwrite the Master Boot Record (MBR) or tries to attack the security software itself.
What solutions are right for your organisation?
Every company and organisation is different, with different vulnerabilities, risk profiles, IT environment and, of course, available budget. For this reason, not every security solution is right for your organisation, which is why we recommend an initial cyber security health check to help understand your requirements and environment before looking at potential solutions. If you’d like to take us up on our free offer, please click on the link below.