ETech 7 Blog | IT Services, IT Support, and IT Security

IT Security in 2021: Why Ransomware Is Still The Biggest Threat

Written by Andro Yuson | Jan 6, 2021 6:33:00 PM

 

What’s next for cybersecurity in 2021? Last year, both the public and the private sector experienced a plethora of breaches and attacks. From regular security lapses to more complicated, and often more expensive, ransomware attacks - 2020 has seen a drastic increase in the volume of breaches that led to the widespread loss of data and valuable information around the world.

 

Also read: 10 Basic Network Security Tips for Small Businesses

 

Now that the modern workplace is becoming more and more sophisticated as it is interconnected, businesses should expect more complex and targeted attacks that threaten an organization’s entire infrastructure and device ecosystem. To no one’s surprise, an article recently published by WIRED claims that ransomware will once again be the main thing to worry about this year. Here’s an excerpt from the article:

“At the end of September, an emergency room technician in the United States gave WIRED a real-time account of what it was like inside their hospital as a ransomware attack raged. With their digital systems locked down by hackers, health care workers were forced onto backup paper systems. They were already straining to manage patients during the pandemic; the last thing they needed was more chaos. "It is a life-or-death situation," the technician said at the time. 

 

The same scenario was repeated around the country this year, as waves of ransomware attacks crashed down on hospitals and health care provider networks, peaking in September and October. School districts, meanwhile, were walloped by attacks that crippled their systems just as students were attempting to come back to class, either in person or remotely. Corporations and local and state governments faced similar attacks at equally alarming rates.

 

Ransomware has been around for decades, and it's a fairly straightforward attack: Hackers distribute malware that mass-encrypts data or otherwise blocks access to a target's systems, and then demand payment to release the digital hostages. It's a well-known threat, but one that's difficult to eradicate—something as simple as clicking a link or downloading a malicious attachment could give attackers the foothold they need.”

 

The article goes on to say that cybercriminals are growing bolder after years of honing their techniques. Often, these attackers use extortion and blackmail when holding an organization’s data hostage and then threatening to release that data if the victim does not pay a ransom. Considering the amount and severity of ransomware attacks in 2019 and 2020, it’s no wonder that ransomware will continue to terrorize businesses on a worldwide scale. But are we really that helpless? 

 

Before we delve deeper into why ransomware is still 2021’s biggest cybersecurity threat, let’s first go back to basics.

 

What exactly is ransomware?

Ransomware is a form of malicious software (or malware) that encrypts the data found on the victim’s computer or computer system and can only be accessed after paying a ransom to the attackers. More often than not, ransomware is a highly targeted attack that attempts to lock you out of your files until a sum of money is paid. According to Kaspersky, this type of malware is a criminal money-making scheme that can be installed through deceptive links in an email message, instant message, or links from a website. It has the ability to lock a computer screen or encrypt important files with a password. 

 

 

Popular ransomware examples include:

WannaCry

WannaCry is a type of ransomware that spread rapidly through computer networks worldwide back in 2017. Both the US and UK governments have blamed North Korea for the WannaCry global attack that targeted hospitals, businesses, and financial institutions. 

 

Petya

Computer security software company McAfee says Petya began spreading internationally in June 2017. It targeted Windows servers, PCs, and laptops and used the server message block vulnerability that WannaCry used to infect unpatched devices. Petya also employed a credential-stealing technique that spread to non-vulnerable machines.

 

CryptoLocker

CryptoLocker is a type of malware that works as a Trojan horse - encrypting files on an affected system and then demands a ransom payment in exchange for the decryption key. CryptoLocker was mainly deployed through email which fooled victims into downloading malicious attachments.

 

How do you get ransomware and how would you know if you’re infected?

Like other forms of technology, cyberattacks are only getting more and more sophisticated. As technology advances, cyberattacks evolve along with it. There are several different ways that ransomware can infect your infrastructure. One of the most common methods is through emails that contain malicious attachments or links that redirect users to an infected website that automatically downloads malware without any notification prompts. 

 

Malwarebytes, a popular anti-malware software, has found that another popular infection method is malvertising. Malvertising, or malicious advertising, uses online advertising to spread malware “with little to no user interaction required.” This often leaves victims unaware as even legitimate websites are used to redirect users to a compromised website. According to Malwarebytes, “these attacks catalog details about the victim’s computers and their locations and then select the malware best suited to deliver.”

 

 

So what can you do to protect yourself and prevent ransomware attacks?

Fortunately, there are a number of ways that we can protect ourselves to be able to prevent even the most sophisticated ransomware attack. Check out some of the measures you can take to ensure that your data is always safe and secure. 

 

Educate yourself and your staff

The most important thing to remember is that any security measure would be useless if you and your employees do not know the basics of internet security. Ensure that your employees know how to spot sketchy emails and know which links not to click. Investing in a cybersecurity awareness seminar helps mitigate the risk of human error which hackers greatly rely on.

 

Don’t forget to backup

Making a copy of your data is only part of the battle against data loss - you need to make sure your data is encrypted and password protected as well. Make sure to use end-to-end encryption so your data is secure both while in storage and during transmission. Also, keep in mind that you need to protect your data using durable storage drives that can withstand the most extreme conditions. Having the necessary backup measures in place enables you to recover your data in a timely manner. 

 

Update your stuff

An outdated system or software leaves you vulnerable to ransomware attacks. Updates are important because they often include critical patches to the security holes found in past versions. According to McAfee, in addition to security fixes, software updates can also include new or enhanced features or better compatibility with different devices or applications. They can also improve the stability of your software, and remove outdated features.

 

Use a reputable security software

An antivirus software is designed to detect and safely remove malicious software from your computer. These programs scan files, programs, and other data stored on your computer to search for a wide variety of threats that might harm your device. The great thing about antivirus software, free or paid, is that it provides real-time threat detection and protection against the most common computer vulnerabilities.

 

Develop a disaster recovery plan

A disaster recovery plan should be developed by your IT department or an outsourced IT consulting firm that allows a company to access and restore its data in the event of an unforeseen event. The main function of a disaster recovery plan is to quickly restore your systems, minimize downtime, and reduce the risk of data loss. Developing, implementing, and maintaining a disaster recovery plan is an important, albeit tedious, process. Make sure that your disaster recovery plan is customized to fit your network’s needs. Never leave it up to guesswork.

 

Hire an MSP

If you don’t want the headache of reading pages upon pages of literature about various cybersecurity measures, you always have the option to hire a managed IT services provider (MSP) to take care of your IT security needs. Chances are your business deals with sensitive information. Having a holistic approach to securing your infrastructure, your operations, and your assets should be every single business’ priority. “Managed IT service providers oversee large data centers and put multiple layers of protection in place,” says Emil Isanov, CEO of managed IT services provider ETech 7. “However, users may still be breached by ransomware attacks due to human error or outdated software.”