Ransomware is currently the most prevalent threat to the cyber security of small and medium-sized businesses. Crooks gain access into victims’ computers by exploiting human vulnerabilities, most often through phishing emails and other social engineering tactics. Then, they encrypt files and demand a ransom.
Businesses have few options once their files have been encrypted. They pay the fine and hope they are part of the 19 percent that actually get their data back or refuse to pay the ransom and force criminals to make their money elsewhere.
What makes ransomware successful?
1. Human Error
According to a report by Ponemon Institute, 79 percent of ransomware attacks were caused by phishing and social engineering tactics. The crux of it is employees are opening emails, clicking attachments and following links that should not be trusted.
The increase in ransomware success is also attributed to the development of the Ransomware-as-a-Service business model. With minimal expertise and minor upfront cost, cybercrooks can pull off attacks that would normally require a variety of skillsets. In addition, these “services” have already been proven successful. This reduces risk and increases reward.
3. Evolving Tactics
Advancements in hacking techniques seem to constantly be nipping at the heal of security technology. New updates are released, patches are applied and new protocol is introduced, but criminals adjust and find new ways in. One example of this was WannaCry, the first completely automated ransomware. It did not depend on human error. This attack hit more that 200,000 computers around the world in 2017. Thankfully, this attack was neutralized, but more of this nature can be expected.
What can be done to stop it?
1. Employee Training
The importance of software updates, strong passwords and the ability to recognize social engineering must be emphasized. By investing in employee training, companies eliminate a large security risk.
2. Cisco Umbrella
The truth about security technology is that no single piece of equipment or software can do it all. Firewalls can catch known malicious packets as they enter the network by comparing IP addresses with a list of bad IPs, but that leaves the door open for brand new attacks. Also, firewalls cannot provide protection for devices that are off the network. This where OpenDNS steps in.
Cisco Umbrella works offensively. Based on data gathered by analyzing relationships formed between domain names, IP addresses and more across the internet, Cisco Umbrella finds the origin of attacks and predicts where they will emerge. Should a device somehow become infected, Umbrella severs the connection between users’ and attackers’ servers to prevent ransomware encryption.
These features are also carried over to devices that are off the network. Umbrella’s cloud platform allows administrators to collect data and enforce protection across all devices.
3. Hummingbird Networks
Let us help you secure your network! We offer professional services such as social engineering assessment for employees, network security assessments and more. We also have top-tier partnerships with companies like Cisco, which gives us premier access to their sales team and engineers. Contact us to find out exactly what your network needs.