3 Ways to Protect Users From Ransomware With the Cloud

Protect Users From Ransomware

The threat of ransomware came into sharp focus over the course of 2016. Cybersecurity trackers have been aware of ransomware for almost a decade. Observed instances had been steadily rising, with 3.2 million reported in 2014 and 3.8 million in 2015. But in 2016, the number of instances skyrocketed to 638 million.

The St. Louis public library system became one of the latest high-profile victims when up to 700 of its computers were affected by hackers demanding $35,000 in “ransom” in order to restore access. The initial plan was to refuse to pay and to wipe the computers clean, but a workaround was discovered to thwart the hackers’ plans. Despite this optimistic outcome, library computers remained offline for weeks, severely disrupting operations and services.

As this example illustrates, no organization is immune from these attacks. In fact, a survey of 500 businesses revealed that 50 percent had dealt with ransomware in the preceding 12 months alone. This is the most urgent cyber threat right now, and it’s likely to get worse.

Why Ransomware Is Different

Cyber threats are on the rise across the board, but few have grown as exponentially as ransomware has. Part of the reason is that it’s relatively easy to deliver ransomware and infect large networks. Conducting these attacks is also low-cost, thanks to a wealth of ready-made options on the underground market, and low-risk in terms of enforcement. However, the biggest reason ransomware is so prevalent is simply that it’s profitable.

Unlike other cyberattacks that create disruption or seize control of assets with abstract value, ransomware pays direct dividends for the perpetrators. The overall amount paid out in just the first three months of 2016 totaled $209 million, a figure that was expected to top $1 billion by year’s end. The low-risk, high-reward nature of ransomware essentially guarantees that these attacks will only continue to grow in frequency and severity.

The threat of ransomware demands a response that’s not only urgent, but also strategic. Some of the unique technical features of ransomware allow it to undermine traditional approaches to cybersecurity. As a result, any security infrastructure that does not specifically address ransomware is vulnerable now and likely to be in peril soon.

The Right Approach to Ransomware Threats

Today’s ransomware landscape is such that no one-size-fits-all strategy can sufficiently guard against it. However, the broadest solution available is to rely on cloud- and network-based security and cloud-based storage to back up data and systems.

Cloud- and network-based security pushes threats away from the perimeter of the wide area network, making it much easier to detect, deflect, and destroy ransomware attacks far outside the extended network’s perimeter before they seize control. These security strategies offer a more flexible, agile, adaptive way to update your security protocols. With the features cloud-based security offers, you can edit solutions centrally and gain more visibility into threatening activities.

That’s the first step. Cloud-based storage provides a second layer of protection. While cloud-based security features thwart threats by keeping them outside the borders of your wide area network, if hackers do breach your network’s defenses, using cloud storage neutralizes the negative effects of a ransomware attack. Because you have your whole system backed up, the ploy won’t affect your organization, and you won’t need to worry about paying ransom to criminals.

Cloud-based storage won’t protect your network, but it can be a failsafe, should ransomware take hold of your systems and data. Look at it as cloud-based insurance.

Safeguarding the Future With the Cloud’s Next-Generation Solutions

The cloud is the only platform with the agility to respond to evolutions in ransomware. The purpose of these attacks won’t change, but the delivery methods certainly will. Because cloud environments offer scalable and flexible resources, they allow enterprises to reliably keep up with changes in the threat landscape. Particularly sensitive industries like healthcare, retail, and finance can leverage the cloud by partnering with security providers who offer cutting-edge portfolios of security services.

However, simply adopting cloud-based security and storage is not an adequate response to the threat of ransomware. Your IT team will need to take full advantage of the unique features of the cloud to insulate your organizations’ networks in a meaningful way. And you’ll need to bolster those efforts with an internal campaign to educate all users on the roles they play in helping to keep the network secure.

Here are three ways to implement a multilayered, cloud-based, failsafe approach to your organization’s network security.

1. Leverage advanced security features in the cloud.

Security protections layered over the cloud exceed the capabilities of almost every private enterprise’s infrastructure. They combine sophisticated access controls and advanced encryption technology with expansive capabilities for testing security and vulnerability. Many of these security features also provide necessary levels of protection against distributed denial of service attacks, amplifying their overall utility.

2. Rely on robust disaster-recovery capabilities.

The cloud will always have more reliability and resiliency built in than the average data center. Thanks to expansive storage capabilities and streamlined failover processes, the cloud is becoming the preferred platform for backup recovery. An approach that relies on multiple clouds provides expansive levels of protection without creating huge new costs or unmanageable complexity.

3. Execute expansive user education and training.

Ransomware protection is not complete without addressing the human element. Even cloud-based security is vulnerable unless users understand the threat of ransomware and the risks their personal actions can create. To create a healthy sense of urgency, point out that the cost of cybercrime is expected to reach $2.1 trillion by 2019. Complement that knowledge with education and training to familiarize all users with best practices and updated security guidelines for individuals.

If — or, more likely, when — your systems are hit with ransomware, you will have to select the lesser of two evils: pay the ransom or operate without essential data and IT.

Rather than being forced to make an impossible choice, adopt a preventive strategy as soon as possible. Fortunately, cloud-based security and storage can protect your network from the evolving threats of today and tomorrow.

By Karin Ratchinsky

Patrick Melampy
Cloud On-Ramp and Protecting Performance The expansion of remote work and the massive growth in usage of cloud-based applications have stressed existing infrastructure and put a keen focus on the performance of everyone’s network environment ...
Mark Banfield
Implement A Seamless Customer Experience The need for digital interaction has never seemed more critical than it does today. As the coronavirus continues to spread, citizens around the world are being asked to hunker down ...
Louis
More CISOs will have to deliver revenue growth to protect their budgets and grow their careers in 2023 and beyond, and a core part of that will be getting multicloud security right. It’s the most common infrastructure strategy for ...
10 Leading Open Source Business Intelligence Tools
Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up the decision-making process. Open Source Business Intelligence Tools make it easier to have our raw ...
Security Breach 10 Useful Cloud Security Tools
Cloud Security Tools Cloud providing vendors need to embed cloud security tools within their infrastructure. They should not emphasize keeping high uptime at the expense of security. Cloud computing has become a business solution for ...
Drew Firment
Stop Focusing on Cloud Adoption and Start Focusing on Cloud Maturity For the past several years, most organizations have made it their priority to shift much of their applications and data from on-premises to the ...
Gary Bernstein
Simplify Your Website Management with VPS Hosting VPS stands for Virtual Private Server, which is a type of web hosting service that allows businesses or individuals to host their websites and applications on a virtual ...
Stacey Farrar
Modern Auth and Exchange Online Migrations Microsoft has phased out Basic Authentication (Basic Auth), replacing it with Modern Authentication (Modern Auth) to provide increased protection and user security. Through this, Microsoft has turned off Basic ...