You’ve seen reports of damaging cyberattacks in the news, but have you thought about how these attacks can affect your business? Whether or not you already have cybersecurity tools and processes in place, you need to be prepared for the worst-case scenario.
If you know your business is an ideal target, you can make more informed decisions about your cybersecurity overlay. Every business is at risk of cyber threats. By knowing what these cyber criminals look for in victims, you can determine the most effective way to deploy your tools and train staff to avoid cyberattacks.
The Reality of Ransomware
Ransomware is one of the most devastating types of cyberattacks, with costs estimated to reach $20 billion by 2021. Ransomware targets businesses, both large and small, hospitals, city governments, and just about any other organization or company that uses computers. As the statistics aggregated by Hashed Out reveal, these attacks are only becoming more costly and more frequent:
- Downtime costs to recover from ransomware are 200 percent.
- In 2019, the average ransom payment increased by 104 percent.
- Ryuk, ransomware that manually attacks networks using open-sourced materials, was detected 543 percent more in 2019 than the previous year.
- Sodinokibi is ransomware that encrypts victims’ files. A cybercriminal can then make the victim may recover the data. This type of attack saw a detection increase of 820 percent in 2019.
- In 2019, of the nearly 1,000 U.S. organizations impacted by ransomware, almost 76 percent were healthcare providers.
- Attacks against schools and municipalities increased by 60 percent or more in 2019.
- Roughly 15 percent of victims decide to pay the ransom asked by a cybercriminal.
How Hackers Strike?
For ransomware to work, a malicious program must be executed on an endpoint that provides access to the system files and allows the malware to encrypt them from being used. A popup will then appear on the screen, explaining what has happened and demanding a ransom be paid.
An attack vector delivers the malicious program. These vectors are something hackers use to provide their ransomware onto your computer. Vectors are often an email attachment, a social media message, or browser popups.
What Cybercriminals Want?
A cybercriminal commonly wants to achieve some financial gain or spy on a company. Others may just wish to earn bragging rights. No matter the motivation, cybercriminals look for a variety of attributes to build their ideal target profile, including:
- Weak or Non-existent Defenses– Smaller organizations are often less protected and potentially offer back doors into larger organizations
- An Abundance of Endpoints– A hacker only needs one unsecured endpoint to get into an organization. The broader the attack surface, the higher the probability of finding that one exploitable weakness.
- Valuable Digital Assets– Some of the most valuable assets include customer personal information, payment or bank information, and intellectual property. Cybercriminals can exploit these assets to get a quick payday.
- The Target’s Reputation– Bad actors assume that the higher the target’s status, the greater the likelihood they will comply or stay quiet to protect their goodwill.
The Best Defense
To defend against ransomware in its current and future forms, you need endpoint detection and response (EDR) software. The main difference between an EDR solution and an antiquated endpoint protection platform (EPP) is that EDR looks at endpoints across the entire network. At the same time, EPP focuses on each device.
By looking at what is happening across the network, you have better visibility of threats as they emerge and to respond to them before they become catastrophic. Fortunately, there are several EDR platforms to choose from, including the VMWare ransomware detection software from Carbon Black.
An Additional Layer
While software is great at detecting and responding to threats, it is better to avoid the threat altogether. The more awareness employees have of cybersecurity issues and how to identify suspicious messages and attachments, the more likely they are to avoid costly mistakes. Training, along with clear cybersecurity protocols and policies for escalation, are the foundation for preventing any ransomware attack.