The true price of ransomware and the 2 crucial steps we need to take
Ransomware is an ever-growing pain in the side of businesses and individuals alike. But a cost that was once counted in dollars now carries a heavier price: that of a life. A report by ZDNet shows just how costly ransomware can be, starting with a tragic case in Germany where a woman lost her life. Authorities investigated the death after the woman, who was in urgent need of care, was re-routed to another hospital because the intended hospital was suffering from a ransomware attack, and she suffered the ultimate consequence.
Other real-world consequences are mentioned in a report by Dark Reading, which states that ransomware attacks have resulted in hospitals losing thousands of medical records containing crucial patient information, and have cost over 11 billion NZ dollars annually. To make matters worse, this was only last year; when we consider just how far technology has come in a year, it is terrifying to imagine what new ransomware is out there.
Even here in New Zealand, we are no longer immune to becoming targets. A report by ZDNet states that businesses large and small become targets of these attacks daily, often at times when they are at their most vulnerable.
Because of this, there is almost a global acceptance that ransomware attacks are simply to be expected and inevitable in a digital age. We simply must accept this as truth and add it to the list.
However, there is a reason why the mantra "the truth is hard to swallow" exists. It is far more our fault than we would like to admit. Realistically, ransomware exists because of a series of failures. Although they are unrelated on the surface – much like a series of small transactions – they combine to become fertile ground for issues. It is due to these conditions that ransomware can flourish and be the menace of the internet that we have all come to be aware of.
Many people categorise historic events by decade. If we want to avoid being known as the decade of ransomware, we need to make some serious changes.
Policing versus politics
Most ransomware attacks take up a lot of resources, time, and processing power to orchestrate. Therefore, unlike individual hack attempts, ransomware is generally the product of a group.
Unfortunately, these groups tend to originate from countries where this activity is not considered illegal, or is at times overlooked by authorities if the target is not a local company, and in some cases the groups are state-funded. Because of this, general law enforcement can only do so much to inform and contain such threats. It then becomes a political issue and goes beyond simple business etiquette and independent solution-finding.
Many government bodies have become aware of the threat of ransomware and now enlist specialist teams or hacksperts to actively combat it. However, it is important not to rely solely on this as adequate cybersecurity. Ensure your business is also doing its part to address vulnerabilities such as endpoints or network holes.
Make paying the ransom a last resort
We get it. We know your business data is crucial to you. If you are the unfortunate recipient of a ransomware attack it can be taxing, disheartening and expensive. After all, there is a risk of going out of business.
It may seem that the easiest option is to simply front the costs and have immediate access to the ransomed data, but we have to inform you that there is no guarantee you will get access to that data back despite paying for it. Although there have been few, if any, such cases in the past, it is important to at least recognise the risk.
The trouble is that if the ransom gets paid, it normalises ransomware as just another business expense that gets added to the annual budget. You can even invest in ransomware insurance that gets added to your monthly expenses. However, if this is the case, the threat gets taken less seriously and swept under the rug. There is a perception that, since the data is only encrypted and not stolen, the breach is less serious, and that if the ransom is paid and the data restored then everything is fine.
It is helpful to think of ransomware like a headache. You take some Panadol to alleviate the immediate issue because that makes getting on with your day easier. However, you aren’t addressing the core of the issue or thinking about the next time the headache arises. You are so focused on the immediate relief that anything else seems irrelevant.
Paying the ransom simply justifies the hackers’ actions and funds them further, not only to re-target your business but also to target other businesses that may not have access to as much free-flowing money to cover the ransom cost.
What you can do about it
Although neither of the above tasks is easy, they are necessary if we want to improve the defense against, and the regulation of, ransomware attacks. Getting political policy changed is a very long-winded process and there is no immediate fix for this.
However, improving your own cyber-security habits and protection is perhaps an easier task than first thought. Many third-party IT companies offer managed servers that back up your data across several locations. This means that even if your physical business is targeted by ransomware, there is minimal reason to pay the ransom, as data can be recovered with a cohesive business continuity plan. This ensures that your business is well resourced should you become a victim of a ransomware attack.
Finally, and perhaps one of the most unexpected fixes, is to ensure every software application you have is updated and protected. Most ransomware attacks have an easier time getting through outdated software than through software that is up to date. This is not to say it's a perfect solution, but it certainly helps. Remember, applications get patched for a reason.
The whole point of updating an application is not only to introduce new features but also to close holes that hackers have exploited in the past. Therefore, next time that little notification box pops up on your screen, don’t put it on the back burner for an extended period of time.