Ransomware attacks have been soaring in the recent past. Some are so sophisticated that they have made headlines, but many are simple yet still devastating. We have had first-hand experience with it.
When we started out doing IT support, a prominent real estate company approached us and lay off its in-house IT support guy. One of the first things we did was to urge the company to change its Wi-Fi password, but our advice was ignored. The disgruntled employee hacked the company’s Wi-Fi and installed ransomware that demanded a ransom of $17,000 with hourly interest increases.
Millions of people and businesses across the world go through such experiences often. So, how bad is 2020 going to get, and who is most at risk?
What is Ransomware?
There are various types of hacking attacks, and most people don’t always differentiate them. Ransomware attacks are among the most common. They are simple but also effective (for the hackers) and devastating (for you). The hacker plants a virus that takes control of the system and locks you out. If successful, the hacker then proceeds to make demands (usually payments) and threatens to put you in a compromising position if you don’t meet their demands.
Ransomware Attacks on the Rise
Ransomware attacks have been increasing at an average rate of 12% over the past five years. Reported cases increased by 18% in 2019, and they affected all industries virtually: healthcare, enterprises, manufacturing, local governments, and even individual persons, among others. Going by the statistics, it seems that hackers are planning something big for 2020.
Industries under Crosshairs
Hackers are not very picky–they will exploit any potential target with weak cyber-security. Ransomware attacks have been reported in most industries. However, some industries are at higher risk than others.
The healthcare industry, in particular, is at a higher risk of attack than other industries. Ransomware attacks against healthcare systems increased by more than 350% in the fourth quarter of 2019, which is one of the highest rates of all industries.
Healthcare systems make for easy targets because they hold sensitive records that they cannot afford to lose. They usually end up paying the ransom to get their data back–it also doesn’t help that many healthcare IT systems are not secure enough, as was revealed in the 2017 attack on the UK’s NHS.
Business enterprises in many niches also face a significant threat from the increased cases of ransomware attacks. Ransomware attacks started by mostly targeting prominent individuals, but they have been making an evolution towards businesses as they are more lucrative. Ransomware attacks on businesses increased by a staggering 365% in 2019, and they continue to skyrocket in 2020. The ransom has also increased from an average of $40,000 to an average of $80,000 for SMEs.
Governments and the public sector have not been spared either. The public sector witnessed a 10% uptick in ransomware attacks, most of which targeted departments that deal with sensitive information. Courts, for instance, have been held hostage by ransomware attacks that freeze their sensitive data and threaten to leak it if the demanded ransom is not paid.
There has also been a significant increase in the various methods of carrying out these ransomware attacks. Phishing is the most commonly used form of attack. Still, hackers have been getting creative as they try to bypass the increased security measures taken up by potential targets who are realizing the gravity of the threat.
Tips to Protect against Ransomware Attacks
As mentioned, hackers target any system that shows vulnerability. The vulnerability arises from a lack of preparedness. Sometimes even the most basic cyber-security measures are enough to keep hackers out. Unfortunately, most potential targets don’t know this.
There are two particularly simple and effective cyber-security measures against ransomware attacks:
Two-Step Authentication
How easy is it to access your data? Do you login and get down to work? It could be just as easy for hackers! However, it may prove impossible for any unauthorized persons if you implement two-step authentication.
Two-step authentication goes an extra step to verify users’ identity. As usual, you will be required to present the necessary credentials to log into the system. However, instead of allowing immediate access after logging in, two-step authentication requires users to prove their identity using other channels. In essence, it usually involves an automatic SMS or calls to the user’s personal phone number. There also are many other emerging tactics, including some that use biometric verification to close all gaps.
Regular Backups
All ransomware attacks come down to one tactic: blackmail. Most attacks freeze the system and demand payment to unlock it. Some also threaten to release your data to the public. Some companies, including big, multinational brands, have suffered this and lost many clients due to the lack of confidence that ensues from such an attack.
Even before ransomware attacks became prevalent, it was advisable to back up your data regularly. It is more important now that hackers have learned to hold data hostage. By backing up your data, you will never be locked out of your system in case you suffer a ransomware attack – it will save you a lot of time, trouble, and money.
For systems that deal with sensitive data that requires utmost privacy, it is also advisable to store the original and backup data in secure storage. As noted, many hackers have gone through with the threat of releasing sensitive data.
Other recommended security measures against ransomware attacks include:
- Staff training – many ransomware attacks target human weakness, so teaching your staff what to be on the lookout for bits of help
- Using complex passwords that are changed regularly
- Setting up a strong firewall and utilizing premium cyber-security solutions
- Monitoring attacks and enabling alerts for data changes
Leave It to the Pros!
Are you currently experiencing complications with your IT system? Are you concerned that you may become another victim of ransomware attacks? Don’t wait for a second longer–act now to prevent a setback that you may not withstand!
At SADOS, we provide a range of services for comprehensive IT systems management. Among other things, we help secure clients’ systems using the latest cyber-security solutions. Don’t leave anything to chance–call us for a consultation, give us a rundown of your system and we will provide you with ideal solutions tailored just for you!