Roger Grimes recently posted a blog for KnowBe4 about “nuclear ransomware.” He pointed out something many of us in the industry have been discussing – ransomware is not going away. It is, in fact, getting worse.
No Longer Just a Phishing Expedition
What is making ransomware worse? For one thing, organizations keep paying the ransom. Cybercrime is now a multi-billion-dollar industry. Ransomware gangs are set up like corporations and they have their sights set on more than just a one-time payout. Today’s cybercriminals are gathering massive amounts of data from every network breach, and they are turning that data into a marketable commodity. You might pay a ransom today and turn around in a year and find that the personal logins for your C-suite have been sold to another cybercriminal – or that your proprietary data is suddenly for sale on the dark web.
Ransomware Might Be Getting Worse, but Efforts to Thwart Attacks Remain Lax
Cybercriminals are going to keep coming after organizations as long as there is enough monetary reward to make it worth it – and right now, the motivation is high. But protecting your network is still possible if you invest in cybersecurity and make it an integral part of your overall business strategy. And honestly, business leaders must either act now and make cybersecurity a priority or spend 3-5 times as much paying ransoms, recovering data, and paying fines for compliance violations.
So How Do We Stop Ransomware?
Ironically, procedures we’ve always recommended still work if we all do more than just talk about the importance of cybersecurity and actually implement the suggested measures. We need to improve employee awareness and enact policies that allow them to question email requests rather than act upon them. We need to have several layers of security and detection in place. We need to ensure that there is a continuity plan established and that your important data is backed up to an offsite location that isn’t connected to your network. Every organization and every individual needs to have a zero-trust mentality. And we all must stop using the same passwords for our Uber accounts as we do for our LinkedIn accounts as we do for our bank accounts – especially when these are the same passwords that we’re using to access our IT networks.
Multi-factor Authentication (MFA) Matters
According to Microsoft, 99.9% of ransomware attacks could be stopped in their tracks if we simply employed – fully and at every access point – multi-factor authentication. The solution is simple, but it also meets a great deal of resistance. Users would prefer the convenience of simply having Google remember their passwords and being able to log in to our networks with a keystroke. Users should, however, be required to enter a code from a text message or from an authenticator app, and perhaps pass a security screening or present a biometric. Those simple steps – which take only a few minutes – are a good investment and are far more cost effective than paying the ransom each time a business is attacked.
Ransomware is getting worse, and cybercriminals are getting more sophisticated in their efforts. The rewards are there for them, but as business leaders and as individuals, we can change the trajectory with some strategic investments in cybersecurity.
Let’s talk about how thinkCSC can help you be more cybersecure.