This article was written by an independent guest author.
The reason ransomware is more rampant today is simple: it’s lucrative for hackers. As the ransoms paid in high-profile cases continue to skyrocket, hackers will only continue to pursue it as a strategy.
How the incentives are changing for hackers
As the sophistication with which attackers victimize businesses rises, so does the price of the average ransom. In a relatively short period, ransomware has transformed from a minor cybersecurity issue to a multi-billion-dollar industry.
According to a 2021 Emsisoft report, 2020 was a profitable year for hackers: the average ransom demand ballooned by over 80 percent. Worldwide, at least $18 billion was paid in ransoms, which doesn’t factor in the costs associated with downtime for both public and private sectors. In the United States alone, almost 16,000 businesses were victimized by ransomware, bringing in nearly $600 million for hackers.
Proactive strategies to prevent ransomware incidents
One of the easiest methods an organization can use to protect itself from ransomware is adherence to strict backup processes. Ransomware is only getting more sophisticated, and many of your fail-safes may not protect you from the latest hacker tactics. Like so many other facets of IT, it’s a case of “backups to the rescue”. However, in far too many ransomware attacks, the victims could not complete a full recovery for various reasons. In some cases, too much time had passed since the last backup, and in others, the backups were stored on the same network that the ransomware attacked.
Taking the time to focus on your backup processes is well worth the investment, because today your backups should be considered part of your organization’s “crown jewels.”
Aside from backups, the old cybersecurity mantra about the superiority of protection above detection holds true here. To truly mitigate these threats and reduce your attack surface, being proactive is critical.
Here are a few options to consider to proactively protect your attack surface:
How consultants can help
If your organization falls victim to ransomware, the damage extends well beyond the financial costs. With a ransomware attack, timing is everything. In the first quarter of 2021, a Coveware study reports that the average amount of downtime due to a ransomware attack was 23 days, up ten percent from the previous quarter.
Responding to a ransomware attack is an integral part of your incident management program. But in too many cases, resources for IT teams are stretched thin. Working with a managed incident response team, you get the experience and expertise of cyberdefense consultants to either lead the investigation or supplement your internal IT or cybersecurity team.
With AT&T Cybersecurity incident response service, you’ll be well-positioned to:
- Prevent data breaches
- Quickly respond to attacks and mitigate impact
- Minimize impacts of a potential breach
- Quickly analyze and recover from the breach
- Mitigate security risk
- Improve incident response
- Leverage an “all hands on deck” approach, which includes in-depth digital forensic analysis, breach support, and compromise detection
It is also important to conduct periodic vulnerability assessments to find and patch potential security weaknesses. While there are many options on the market, your organization can take advantage of the unlimited 30-day trial offer from AT&T.
At the end of the day, the very best way to protect against ransomware is to work with experts to protect against the attacks, because even the best and most security-aware employees may one day fall for a sophisticated phishing email that leads to ransomware. If an attack occurs, knowing you can rely on experts to conduct the forensic investigation to mitigate the risk can make all the difference.