As a technology consulting company, we help clients understand cloud migration best practices, new techniques for developing custom applications, and so much more. We are motivated by providing thought leadership around topics that impact your business daily.
Today, we bring you some tactics on ransomware: its history, its types, and ways to protect against attacks, along with our predictions for 2021.
What is Ransomware?
For those unfamiliar with the topic, ransomware is a type of malware from cryptovirology (a particular discipline that hackers use to design robust, malicious software) that threatens to publish sensitive personal information or data, or to block access to it, unless a ransom is paid.
A Brief History of Ransomware
Ransomware may seem like a relatively new concept, but in fact, it’s been around since the 80s. The 80s are known for a lot of things. On the positive side: DNA fingerprinting, the IBM PC, and the first artificial human heart. On the opposite side of the spectrum, we have the devastating disaster of Chernobyl, the massive Exxon Valdez oil spill, and the rise of a never-before-seen virus known today as HIV/AIDS. Ironically enough, AIDS also had a hand in the first instance of ransomware.
In 1989 an AIDS researcher named Joseph Popp, Ph.D., created 20,000 floppy disks and sent them to other health researchers in 90 countries. The disk contents were designed as a survey to test one’s risk of contracting AIDS; however, after 90 reboots, the virus rendered the computer useless by locking everything. The individuals operating the computers were prompted to turn on their printers and, soon thereafter, received a ransom note demanding a $189 “licensing fee” in exchange for a decryption key.
Fast forward to modern times, and you’ll notice ransoms have significantly increased. Despite increases in security, hackers have also evolved their cyberattack tactics and can breach much more complicated systems. In particular, the healthcare industry has seen a rise in these attacks with substantial data breaches and ransoms. The health insurer Anthem was recently reported to have agreed to a settlement of nearly $40 million over the exposure of almost 79 million people’s personal information.
In addition to these increased ransoms, the FBI has warned that “cybercriminals could unleash a wave of data-scrambling extortion attempts against the U.S. health care system.” While the impact of these potential attacks is difficult to assess, it’s essential to educate your team and learn how you can take proactive measures to protect your organization’s highly sensitive information.
What are the different types of Ransomware?
Scareware
Scareware is relatively common, and it is usually pretty easy to limit your exposure to it.
If you’ve ever streamed a video on a less than reputable website, you’ve likely run into the scenario of a popup coming onto your screen saying, “Warning: malware has been detected.”
These popups are pretty common but relatively low impact. As the name suggests, it’s primarily a scare tactic.
Screen Lockers
This type of ransomware can often be found while browsing websites. Shortly after entering a website, your screen will become completely frozen. Along with the frozen screen, creators of this ransomware will display an official-looking organization seal, such as that of the FBI or Department of Justice, with a message saying they’ve detected illegal activity. While coming into contact with an official-looking seal and a locked screen can be intimidating, the simplest way to remedy your situation is via Control+Alt+Delete (Command+Option+Escape on a Mac) to force quit the program. If that doesn’t work, restarting your computer will suffice.
Encryption
Encryption ransomware is the most common form of ransomware we see today from hackers. Imagine a hacker captures your information and encrypts it, so that it is now impossible to get back.
The only way to get your information back is with a decryption key provided only by the hacker, who demands payment via cryptocurrency such as Bitcoin. This type of ransomware can happen to anyone, from individuals up to enterprise organizations.
Now the interesting part of this type of Ransomware is that only about 30% of victims pay the ransom fees, BUT of that 30%, only 25% of victims get their information back. Take a proactive approach and ensure your organization is protected against potential ransomware attacks.
6 Tips on How to Prevent Ransomware Attacks
The list of things your organization can do to prevent a ransomware attack is nearly endless, but today, we’ll provide a summary of things you can do to limit your exposure. We can break these down into an offensive approach and a defensive approach.
While it may appear that an offensive approach suggests an outward attack on hackers, it simply means your organization deploys a proactive approach to protecting your assets. Below we compile a sample of items you can leverage to protect your organization from a potential ransomware attack.
1. Have a Ransomware Remediation Plan
Similar to a disaster relief plan, preparation is vital. Without a plan, your team will be shooting from the hip should your company ever succumb to a ransomware attack. As you build out your plan, be sure to format it as an IT playbook that you can reference with a collection of actions to address in the unfortunate event of a ransomware attack.
In addition to creating a playbook, ensure you have backups in place, and build security policies to ensure you’re prepared. With a protocol set in place, your team will be more relaxed and confident in your ability to address an attack.
2. Educating Personnel
This is a great way to minimize the number of ransomware attacks in your organization. Educating employees about common tricks, what to look out for, and how to identify suspicious activity are all great ways to train your personnel. There are also some handy tools out there that can simulate phishing attempts to better prepare your team to recognize the signs of potential threats.
3. Increased Password Complexity
Approximately 30% of ransomware attacks result from weak passwords. It goes without saying that “1234” won’t suffice as a robust password. Be sure to put in place best practices to increase your password complexity for your organization. From multi-factor authentication to password generators to mandatory lengths and character types, take action to increase the complexity of your passwords to help prevent a ransomware attack.
As you move forward with your offensive approach, it’s essential to leverage defense as part of your strategy to prevent ransomware attacks. Ronald Reagan once said, “A stronger defense is an investment in peace.” While no defense is entirely indestructible, it’s valuable to help prevent ransomware attacks. At AIM Consulting, we tend to think of the defensive approach similarly to locking your car; if a thief walks by and your door is open, they’re very likely to take whatever is inside. On the contrary, if your door is locked, a thief is much less likely to break your window. A similar concept can be applied to the below defensive measures you can take.
4. Install an Anti-Virus Software
Most of us have heard of this, and you likely already use this on your computer. Use an anti-virus that is capable of detecting and cleaning up Ransomware when it occurs. Some great examples are Bitdefender and GravityZone, which can detect Ransomware on your system and stop the attack before your hard drives are encrypted.
5. Leverage Anti-Phishing Software
Anti-Phishing Software consists of computer programs that attempt to identify phishing content contained in websites, email, or other forms used to access data and block the content, usually with a warning to the user. Anti-Phishing Software does a great job of scanning information to see if it’s been tampered with or not.
6. Add External Email Warnings to Your Inbox
Email is still, to this day, an essential communication tool used across the world. As such, it’s also a great way for hackers to leverage phishing techniques that are difficult to track. Email spoofing is a common tactic (a sender pretending to be a director within the company), but you can prevent it by adding external email warning messages to your inbox. If you use Office 365, you can learn how to avoid email spoofing here. Adding these features (or something similar based on your inbox) is an excellent way for your system to begin to recognize external emails and flag them before you ever open them, reducing your risk.
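The external-email warning described above, sketched as an added example (not code from the original article or from Office 365): it tags mail whose From domain is outside the organization and flags external senders whose display name matches an internal executive. The domain example.com, the name list, and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.message import Message
from email.utils import parseaddr

# Assumptions for illustration: your own mail domains and the display
# names of people attackers are likely to impersonate.
INTERNAL_DOMAINS = {"example.com"}
PROTECTED_NAMES = {"dana director"}

# Constructed sample messages (not real mail).
SPOOFED = (
    'From: "Dana  Director" <dana.director@examp1e-mail.net>\n'
    "To: ap@example.com\n"
    "Subject: Urgent wire transfer\n\n"
    "Please pay the attached invoice today.\n"
)
GENUINE = (
    'From: "Dana Director" <dana.director@example.com>\n'
    "To: ap@example.com\n"
    "Subject: Q3 planning\n\n"
    "Agenda attached.\n"
)


def classify(raw: str) -> dict:
    """Decide whether a message is external and whether it imitates an insider."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    # Assumes the mail gateway already rejects forged internal-domain senders
    # (SPF/DKIM/DMARC); the From header alone is not proof of origin.
    external = domain not in INTERNAL_DOMAINS
    name = " ".join(display.lower().split())  # normalize case and spacing
    return {"external": external,
            "impersonation": external and name in PROTECTED_NAMES}


def tag_external(raw: str) -> Message:
    """Prepend warning tags to the subject of external mail."""
    msg = message_from_string(raw)
    verdict = classify(raw)
    if verdict["external"]:
        tag = "[EXTERNAL] "
        if verdict["impersonation"]:
            tag = "[EXTERNAL][POSSIBLE IMPERSONATION] "
        subject = msg.get("Subject", "")
        del msg["Subject"]
        msg["Subject"] = tag + subject
    return msg
```
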
Summary and Takeaways
Ransomware is a very real threat to your organization and is not something to be taken lightly. The above offensive and defensive tactics are not an all-encompassing checklist to prevent a ransomware attack, but they can help when implemented with a proper strategy. As you take both an offensive and defensive approach to ensuring your organization’s security, remember that cyber-attack tactics will become more creative and sophisticated as time goes on, so be sure to check in on systems to confirm they’re up to date.
Our Prediction
At AIM Consulting, we predict 2021 will have an increase in sophisticated social engineering tactics for ransomware attacks, as well as an increase in attacks coming through your employees. While we don’t know what those will look like quite yet, be cautious on social media and be sure to properly train your employees about preventative measures to limit your exposure to ransomware attacks.
AIM Consulting helps companies like yours maximize your security and increase your resilience to ransomware attacks. If you’re considering investing in your cybersecurity technology, start the conversation with AIM Consulting and learn what your options are to build a fortress against cyber-attacks.
ABOUT THE AUTHOR:
Mark Pruitt
PRINCIPAL CONSULTANT, CLOUD & OPERATIONS
Mark has over 20 years of experience working within the Cloud and DevOps implementation space in the government, healthcare, education, and technology sectors. Mark is passionate about helping clients realize the benefits of leveraging the latest Cloud and DevOps technologies and practices.