Experts estimate a ransomware attack occurs about every 11 seconds, according to Cybercrime Magazine. And despite business leaders’ growing knowledge of cybercrime and increasing security budgets, the number of threats against companies continues to rise.
But why? And what can businesses do to reduce their chances of becoming attacked (or recover quickly if you become a victim)?
Recently, we sat down with Mark Rasch, an attorney, cybersecurity expert, and professor of Cyberlaw at George Washington University, to learn more about what’s driving the rapid increase in ransomware attacks, which methods criminals are using, and how you can fight back.
Today, we’re sharing a few words of wisdom from our webinar with Mark, Defang Ransomware Attacks by Leveraging PR and Legal Strategies.
What Exactly is Ransomware?
Ransomware is a form of cybercrime where criminals penetrate a system, infect that system, and encrypt data. The goal is to block an organization’s access to their own systems and/or data until they pay a (usually significant) sum of money.
Cybercriminals usually use the following four tactics to do this:
A phishing email appears to be from reputable sources, but is actually a message designed to trick victims into sharing sensitive data or downloading malicious software.
When spoofing, criminals disguise themselves using a seemingly legitimate website, email address, IP address, DNS server, or another asset to get access to a system.
- Social engineering
Social engineering works by psychologically manipulating people into sharing confidential information or allowing them access to a network. (For example, a hacker might prey on an employee and pretend to be a coworker who forgot their access code, password, etc.)
Malware is software designed to damage or disrupt a computer, server, or an entire network.
There are several reasons cybercriminals wage ransomware attacks, such as notoriety within the cybercrime community. But, as you might expect, money is the primary motivation. And today, hackers can demand to be paid through cryptocurrency, which is typically faster, easier, and more difficult to trace than traditional currency. This way, they’re less likely to get caught.
What’s Driving Attacks?
According to Mark, there are two primary catalysts behind the increase in ransomware:
- More sophisticated computers are creating more access points
Today, we rely on technology for nearly every facet of business. At the same time, the tech we use has become increasingly more complex, empowering all business operations. And the greater the number of applications we run and devices we connect, the greater the number of access points criminals can exploit.
- Larger supply chains are creating more vulnerabilities
Your organization isn’t just vulnerable to attacks from its own access points but also anywhere along the supply chain — from your hardware manufacturers to software vendors, and the supply chain for any service provider you work with.
“You think you know what industry sector you are in. You might be in banking, you might be in finance, you might be in insurance, you might be in healthcare,” Mark says. “But, if you’re in healthcare, your industry group is also telecommunications, transportation, and power generation — because a hospital can’t continue to run without electricity or supplies.”
How to Prevent Ransomware Attacks
There’s no 100 percent effective way to prevent ransomware attacks. But you can significantly reduce your risk and work to ensure that you can recover swiftly if you become a victim. Just remember: you can only control your part of the environment.
Here are three things you can do:
- Set clear guidelines for third-parties
You need to require all third parties (such as vendors and service providers) to protect themselves and report any attacks to you. But as Mark points out, it’s not enough to simply make the request or include the verbiage in a contract. Before working with a third party, take time to discuss the specifics.
“You want to be able to establish who has liability in the case of a ransomware attack. Who owns the attack? Who responds to it? Who pays for it?” Mark says. “All of that needs to be done in advance — not just to achieve compliance, but to achieve actual security.”
- Create a culture of security within your organization
Ensure everyone in your company is well aware of the threats they may encounter, what to do if they come across a possible threat, and actions they can take to help reduce the organization’s risk. The more you make good security habits a part of your workflows, the more challenging it becomes for hackers to access your data.
- Take all possible proactive steps
Make sure you have your data backed up elsewhere so you can restore it quickly, and ensure you have thorough liability protection. Additionally, always have a backup vendor or supplier you can use if a third party is attacked.
All three of these steps will help ensure your business remains operational in the event of a ransomware attack.
To learn more about how you can protect your business against a ransomware attack, be sure to check out our webinar recording: Defang Ransomware Attacks by Leveraging PR and Legal Strategies.