Get the facts straight about Ransomware!

Ransomware is a form of malware that will infect your businesses machines, encrypt and restrict access to files, and then demand ransom for that data to be returned. There is a vast amount of ransomware information online, but not all are accurate.

We sat down with our Ransomware expert, Chief Security Officer, Frank Martin to dispel some of the most common Ransomware myths!

Myth: You have the latest Endpoint Protection Platform (EPP), so you are protected and fully informed.

Fact: Many organisations do not have the most recent EPP running or know its full capabilities. 

This can lead to holes in the system and ways in for hackers. Old versions of EPP also rely on signature-based prevention, which only works on known threats, and most ransomware can be repackaged. Ensure your organisation deploys and enables non-signature technologies. 

For an EPP to be the most effective, it should be one fully configured technology stack versus two partially configured technologies. Ensure you're doing minor updates every three months and major updates every six months and get a configuration check from the vendor. 

Myth: Firewalls and other perimeter solutions are all you need.

Fact: Most payload comes from the internet, and most organisations are not using best practices. Attacks are successful because of poor or outdated perimeter security, so ensure you're using the latest patches and configurations.

Myth: Everything will be okay if you have a backup.

Fact: Backups are great, but they should be the last line of defence, not a mitigation technique. 

Often organisations don't monitor backups and ransomware now actively attempt to access these. Now is the time to document disaster recovery (DR) procedures and test regularly. Ensure there is limited read/write access to backup locations and monitor for any changes. You might even consider an offline backup.

Myth: My business is not a ransomware target

Fact: Healthcare institutions, schools, municipalities, and larger organisations are often prime ransomware targets, as vulnerable companies that lack cyber defence can give hackers access to other businesses. 

70% of ransomware incidents attacked companies with fewer than 1,000 employees, and 60% of those firms had revenues of less than $50 million. That's why smaller businesses must ensure they have security measures in place such as multi-factor authentication on password-protected systems, control over who has access to sensitive information, and incident response plans that map out the steps the company should take to recover from an attack. 

Myth: Ransomware losses are limited to ransom payments

Fact: According to a survey by security firm Sophos, the global average cost to remediate a ransomware attack is $761,106—and paying the ransom doubles that cost to an average of $1.45 million. But the more significant impact for most organisations is the downtime and lost productivity associated with a ransomware attack.

Business interruption losses have accounted for 60% of cyber insurance claims in the past five years. Additionally, 70% of ransomware attacks now involve the threat to leak sensitive data, which could cause additional expenses to the company from a data breach standpoint, including potential costs associated with complying with state notification laws and privacy-related fines and penalties and much higher monetary and reputational losses.

Myth: Security software is enough protection

Fact: Security software alone will not protect an organisation. Companies aren't pulling all the levers on software often, which results in gaps where threat actors can work around the software. 

To protect against this, companies should create a cybersecurity culture that provides guardrails so that people automatically think twice before opening an email or pause before clicking on an attachment from an unknown sender. Ultimately, it's every team member's job to protect the organisation.

Myth: Threat actors attack immediately

Fact: Attackers are getting increasingly good at waiting and often are in company systems for months before they pull the trigger on an attack. 

Many of them use strategies that plan a more significant attack by starting with minor disruptions and learning from them. Depending on what they're looking for, they're more willing to wait for the ideal time to strike or try a range of techniques until they find the weak spot in an organisation. 

Ransomware is a real and dangerous threat to any organisation, so you must stay protected and arm yourself against all attacks. Contact &Partners to make sure you don't fall victim to a ransomware attack.