Protect Your Business From Ransomware
“Researchers at Carbon Black monitored dark web forums for offerings of ransomware and have estimated that the marketplace has grown to be worth $6,237,248.90, representing a 2,502 percent increase in the sale of ransomware since 2016…”
That’s the size of the ransomware market on the dark web at the time of writing. This time last year, it was worth only $250,000. That’s a 2400% increase. And it’s really no surprise, if you stop and think about it. Criminals have long since realized that hacking into a business’s server to exfiltrate and sell data, that’s hard work. It’s both easier and more profitable to hold that data hostage and demand a payment. If even a small percentage of businesses acquiesce and pay the ransom, a criminal still makes bank. And the effort on their end is less than minimal.
It’s really no surprise, then, that we’ve seen so many global ransomware attacks this year. Nor is it any surprise that the prognosis for the future is incredibly grim. Ransomware attacks are only going to become more advanced. More targeted. More devastating. And ultimately more prevalent. With that in mind, if your business isn’t already stepping up its security in response, you aren’t doing enough. The next WannaCry or NotPetya isn’t going to wait for you to be ready. It’s going to strike when you least expect it – and probably when it’s least convenient for you, as well.
But what can you do to prepare?
A few things:
- Backup your data. Figure out what information and systems are most critical to your business, and back them up on a daily basis. Whether you upload them to the cloud or keep them on-site, make sure they’re completely walled-off from your existing systems. Plenty of ransomware now is configured to seek out backups and encrypt them first.
- Be quick on your feet. Monitor your systems constantly for suspicious activity – and the moment you see something that even looks like it could be ransomware, immediately air-gap the affected system. The more quickly you isolate a potential infection from your network, the less damage it can do.
- Patch. Simply put, the majority of businesses are operating woefully insecure systems – legacy architecture that’s in desperate need of an upgrade. Given how many cybercriminals exploit simple software vulnerabilities to target their victims, that’s unacceptable.
- Train your workers. Spearphishing and social engineering remain some of the most effective methods of spreading malicious software. You need to make sure your employees are aware of the tactics a criminal might use – and that they know how to respond in a way that won’t put both themselves and your business data at risk.
Ransomware isn’t going away anytime soon. Business is booming for developers, and criminals everywhere have long since realized it’s the best way to make a cheap buck. Even smarter, more sophisticated hackers are likely to start using it as a smokescreen for more advanced attacks.
You need to get your security up to par immediately – because if you don’t, the next time a rampaging worm holds the world’s data for ransom, you might well be among its victims.
By Max Emelianov, CEO of HostForWeb