Be prepared: How to prevent your organisation being held to ransom by high tech...

Thursday, 28 October 2021 13:10

Be prepared: How to prevent your organisation being held to ransom by high tech hijackers in 2022

By Luke Smith

Luke Smith, Regional Account Director, Barracuda MSP

GUEST OPINION by Luke Smith, Regional Account Director, Barracuda MSP: Ransomware is rife but organisations that do the work may be able to avoid paying out, should the worst occur.

Wondering exactly when it was that ransomware became such a ‘thing’? The past couple of years have certainly seen it thrust into the limelight, courtesy of a seemingly never ending series of high profile attacks, here at home and further afield. Household name victims have included the brewing and beverage giant Lion which saw production and distribution significantly disrupted in June 2020, after hackers hijacked its key systems and demanded a reported ransom of $1 million to set things to rights. As an ‘incentive’ for the company to pay up, proof that the perpetrators were in possession of confidential customer and company data was provided, in the form of file screenshots.

‘Hello, you have 5 days to contact us and pay, otherwise all your financial, personal information your clients and other important confidential documents will be published or put up for auction’, the accompanying ransom note read.

Old tricks, new targets

Truth to tell, ransomware has long been with us, even if it used to struggle to make the headlines. In days of yore, it was consumers who copped it, when they activated a dubious attachment, or clicked on a dodgy link, and were subsequently adjured to part with a smallish sum to have normal service restored.

But, over the past decade, the advent of crypto-currency, the rise of the cloud and widespread digitisation have created a happy hunting ground for hackers in the business world.

Organisations which haven’t paid sufficient attention to the increasing risk have made themselves ever more vulnerable to well planned, sophisticated attacks.

Not only can these attacks cripple their operations by encrypting the files they need to stay up and running, they can compromise, or threaten to compromise, the integrity of what’s arguably become their most valuable asset: data.

Just how valuable that data can be has been reflected in the size of the ransoms being levied, with hackers commonly demanding their large victims pony up six, seven and even eight figure sums.

To pay or not to pay?

Although it’s not something they want shouted from the roof tops, many victims do end up paying some or all of the ransom, to regain possession of what’s rightfully theirs.

It can be an expensive but expeditious option, particularly if the potential cost of the disruption – and the accompanying reputational damage – looks likely to exceed the sum you’re being asked to part with.

But it’s not your only option. Adopting a strong cybersecurity posture, which includes best practice protection and rigorous back-up measures that have strict access controls and multi-layer protection to prevent backups from becoming a ransomware attack target can put you in a good position to say ‘yeah nah’, should hackers come calling and find a way in.

What does that posture look like in practice? Unfortunately, there’s no single solution, no silver bullet guaranteed to ward off adversaries or stop them in their tracks. Rather, what’s needed is continuous assessment of the threat landscape and a commitment to implementing multi-layered protection, to minimise opportunities for attackers to penetrate your infrastructure and lock up your systems and data. If your business is already using an IT service provider, ensure they are using a multi-layer approach and leading vendor technologies to achieve this.

Extending your security provisions

If your organisation has adopted remote working and cloud-based applications – as thousands of businesses have done during the ongoing Covid crisis – then your attack surface has expanded exponentially. An extended protection and response program is necessary, to ensure every inch of that attack surface is monitored and managed.

A comprehensive endpoint protection solution, featuring zero trust access control and multi-factor authentication, should be an integral component of that program to protect access to applications and workloads.

So should a patching protocol that sees applications updated as a matter of urgency whenever updates are released. It’s simple housekeeping, yet known vulnerabilities for which security patches have already been developed continue to enable thousands of malware attacks each year.

Meanwhile, employees can be the strongest or the weakest link in your security chain. You’ll ensure they’re the former if you implement email protection and regular cyber awareness training, for everyone from the CEO down, and take steps to foster a security culture which sees all employees alert to the ongoing possibility of an attack.

At the same time, make sure your IT service provider is working closely with your IT teams, not just to cover the current state of the environment but to proactively discuss what new services could be added to future proof the business.

A stronger safer future

In 2021, ransomware attacks have rapidly become the favoured means for financially motivated cybercriminals to extract profit through data theft, public disclosures, and business disruption often costing millions of dollars. New ‘ransomware-as-a-service’ and double extortion models are being used to increase the frequency and severity of attacks.

Falling victim may be unavoidable but paying a large sum to regain access to your infrastructure need not be. Get your organisation’s security in order and you can be well placed to react, remediate and recover without opening your digital wallet to high tech extortionists. Indeed, when a breach has occurred, the speed, efficiency and experience applied to the response can make a significant difference in the impact to an organisation.

As a result, security teams need to be a position to immediately triage the incident to begin to fight back. They must work to remediate the vulnerabilities and get back to normal business operations faster, and with minimal user disruption.

In order to prevent future compromises, organisations must also deploy services such as cyber threat intelligence and 24/7 threat hunting to help security teams eject threats from the networks quickly and prevent silent failure. A security team with clear roles and responsibilities is key to enable faster, more complete remediation.

To learn more, visit here: https://www.barracuda.com/ransomware

Subscribe to ITWIRE UPDATE Newsletter here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!