Ransomware - A malicious malware that cyber criminals use to hold computer or computer files for ransom has become an increasingly popular way for malware authors to extort money from companies and consumers alike.
In today's 'information age', any temporary loss of data can completely disrupt business-critical processes leading to Loss in sales, Reduced productivity, Significant costs for system recovery. As of 2016, it was considered one of the most prevalent forms of attack against computer systems, requiring limited exposure to vulnerabilities and minimal reconnaissance on target. We have seen a big number of Ransomware attacks on hospitals pausing a great threat-to-life because they directly threaten a hospital's ability to provide patient care, that puts patient safety at risk. Financial institutions and other organisations have also been victims of ransomware attack recently – Some organisations (e.g Chilean bank BancoEstado) were forced to shut down its services due to the attack.
We are at a point where "Ransomware as a service – RaaS" is gaining notoriety which has caused the rise of ransomware attacks despite the Anti-Ransomware cross-industry initiative named, No More Ransomware – A global campaign to combat Ransomware attacks to help Ransomware victims recover their data without having to pay ransom to cyber criminals which was initiated by Europol, The Dutch National Police, Intel Security and Kaspersky Lab.
Organisations and individual alike are encouraged to follow these simple guidelines to combat ransomware attacks.
Back up your important data –The single biggest thing that will defeat ransomware is having a regularly updated backup. Be sure to keep backups offsite where attackers can't find them.
Install Software Updates –Malware authors frequently rely on people running outdated software with known vulnerabilities, which they can exploit to silently get onto your system. Ransomware like WannaCry and NotPetya relied on unpatched vulnerabilities to spread around the globe. Therefore, its strongly advised to Patch early, patch often.
Make use of reputable security suite – Most malware relies on remote instructions to carry out their misdeeds. It is strongly advised to have Use anti-ransomware protection, anti-malware software and a software firewall to help you identify threats or suspicious behaviours. Malware authors frequently send out new variants, to try to avoid detection, so this is why it is important to have layers of protection.
Educate your users – People are often the most vulnerable element in any business – Teach your employees about IT security basics, including: Awareness of phishing and spear-phishing risks. The security implications of opening any email attachment that looks suspicious–even if it appears to be from a trusted source.
Have a well-tested procedure to respond to Ransomware – Well tested assumptions should be documented and shared to all users of the IT assets, this way will get the organisation or an individual familiar with which steps to be taken in the event of ransomware or the like so as to safeguard oneself as well as organisation data.
Final Thoughts
It should be noted that the recent rash of ransomware attacks has generated a lot of breathless news coverage, mainly because it is a departure from previous trends in financially motivated malware (which tended to be stealthy and thus not data-damaging). Ransomware can certainly be frightening, but there are many benign problems that can cause just as much destruction. That is why it has always been, and always will be, a best practice to protect yourself against data loss with regular backups. That way, no matter what happens, you will be able to restart your digital life quickly. If anything, the good that can come out of this ransomware trend is, it indicates the necessity for performing regular and frequent backups to protect our valuable data.
In addition, we must regularly install program updates, and purchase reputable security tools. Good cyber hygiene and best practices are important to protect an organisation from a ransomware attack. Enforcing the use of two-factor authentication across all digital security protocols in an organisation has proven effective in reducing the likelihood of an attack. It is also critical to know your threat landscape, know who has access to your assets and to secure those assets. Managing the configurations and patching of your assets will increase your security posture and decrease the risk of attack.
While cyber security should always be a top priority, it is important to stay vigilant and keep data safe from malicious actors.
Augustina Baker
TechWarn, USA
Eng. Gaspari Shiliba
Cybersecurity Specialist, TZ
Yusuph Kileo
Cybersecurity & Digital Forensics Expert, AfICTA Board
