Ransomware attacks on businesses are increasing and becoming increasingly effective. This is a reflection of the richness of the data and the willingness of firms to pay out, through exercising cyber-insurance options.
There are measures that companies can take in order to prepare for the year ahead according to Simon Jelley, ransomware expert at Veritas Technologies. Jelley shares his advice for Digital Journal readers.
Ransomware gangs are effective
According to Jelley, cybercriminal gangs are getting smarter: “Unfortunately, the cybercriminals behind today’s ransomware are smarter and more innovative than ever. Consider the Russia-linked REvil ransomware as a service provider. Earlier this year, before being forced offline through a multi-nation operation, the group started offering a two-stage extortion scheme that involved not only holding victims’ data for ransom but also automated DDoS attacks and phone calls to their business partners and journalists as a way to up the pressure to pay.”
Jelley also notes that: “Ransomware gangs are also getting better at phishing and taking advantage of the latest developments in artificial intelligence and machine learning to slip past permitter defenses such as antivirus and firewall software. This illustrates the need for a defense-in-depth approach to countering ransomware that places equal focus on perimeter defenses as well as backup and recovery.”
Ransomware is here to stay
Jelley says that the cost and scale of the campaign to bring down the REvil ransomware group “demonstrates just how seriously governments are taking the ransomware threat.”
Jelley adds that: “Other U.S. government initiatives in 2021 against ransomware include the U.S. Justice Department launching the Ransomware and Digital Extortion Task Force and the U.S. Treasury Department making it harder for cybercriminals to get paid in cryptocurrency.
While government initiatives to slow the scourge of ransomware are certainly motivated by the need to protect themselves from attack — plenty of government agencies (especially at the local and state levels) have been targeted with ransomware — they’re also motivated because of the startling ability ransomware has to potentially destabilize entire economies.”
Cloud vulnerabilities
While cloud solutions are convenient, they carry the risk of exposing more data. As Jelley points out: “As of this year, roughly half of all corporate data is stored in the cloud. Surely that data is as precious to cloud service providers as it is to the companies who produce and rely on it, or at least important enough to them that they proactively safeguard it against ransomware, right? Wrong.”
Instead Jelley cautions: “Far too many companies think their cloud service provider is responsible for the protection of their cloud-based data. This is an incorrect assumption that puts businesses at risk until it’s thoroughly debunked. The truth is that, as part of their standard service, most cloud service providers only provide an uptime guarantee of their service — not data protection. In fact, some make it clear in their terms and conditions that a customer’s data is their responsibility to protect. Storing data in the cloud doesn’t automatically make it safe from ransomware; it still needs strong data protection.”
Ransomware strategies are too often weak
Jelley warns about solutions that appear to be too easy, noting: “I’ve seen from vendors hawking their software as part of a ransomware resiliency strategy, when, in reality, their technology has little to nothing to do with actually protecting data from ransomware.” Jelley adds: “Ransomware is the marketing soup du jour, which is making knowing how to defend against it and which partners are the right partners to help you do that, confusing as hell. When it comes down to it, the latest perimeter defenses and tried and true data protection, including backup and recovery, should make up the core of any ransomware