A ransomware attack spread throughout the world over the weekend, infecting systems in 150 countries and counting. The attack, known as “WannaCry,” used software code stolen from the National Security Agency and posted online. No industry was unscathed: hospitals, universities, government agencies, retailers, and automakers were just some of those affected. The attack exploits a vulnerability in older Microsoft operating systems; a patch is available, and downloading and installing it closes the gap. The threat ransomware poses to maintaining operations and customer service should make organizations, from the C-suite on down, think twice about their approach to cybersecurity before it is too late.
Changing Nature of the Threat
Ransomware is emerging as one of the most widespread types of malware used in cyberattacks. This type of malware prevents users from accessing their systems and files by locking or encrypting them until the victim pays the demanded ransom to restore the network to its normal state. Companies may encounter ransomware through a variety of methods. Two of the most common ways ransomware reaches devices are visits to compromised websites and opened attachments from spam emails.
As ransomware and its variants have become more sophisticated, cybercriminals have moved from targeting individuals and smaller businesses to aiming at large organizations and C-level executives. According to Osterman Research, Inc., C-suite members and other senior executives are targeted 25 percent of the time because of the potential for a higher ransom payment.
The “high-end” cybercriminals that target enterprise-level companies use phishing or whaling emails as their main attack method. To do this, they use advanced social engineering tactics such as professional, expert-looking messages that include information relevant to the victim, making the communication seem legitimate. These deceptive strategies make it harder for recipients, including C-level executives, to tell whether a message is genuine or a ransomware lure.
Eight Steps to Combat Ransomware
While ransomware threats continue to evolve rapidly, there are still ways for the C-Suite and other executives to combat threats and prevent their companies from facing cyberattacks. Through its Stop.Think.Connect. program, the US Department of Homeland Security (DHS) offers tips for basic cybersecurity hygiene.
- Keep all machines clean. Constantly ensure your devices are up-to-date on all current versions of software.
- Get two steps ahead and protect core accounts. Set up two-factor authentication on accounts so that logging in requires a second step, such as text message verification, in addition to the password; a stolen password alone is then not enough to get in.
- Back it up. Store all important data for safe keeping.
- Make better passwords. Think outside the box and do not use easily guessed phrases like middle names, birthdays or a pet’s name in your password. For more tips on creating a strong and secure password, read our blog Simple Changes to Improve Cybersecurity.
- When in doubt, throw it out. Don’t open emails or links you weren’t expecting. If it isn’t familiar or looks suspicious, delete it.
- Plug and scan. Use your security software to scan USB drives and other external devices for viruses and malware before using their contents.
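The “keep all machines clean” and “plug and scan” items above can be turned into a quick, read-only host check. The script below is an added example written for this post; it is not code from Secure Halo or DHS. It assumes a Windows 8 / Server 2012 or later machine with Windows Defender, run from an elevated PowerShell session, and the 30-day and 3-day thresholds are arbitrary choices for illustration. The SMBv1 check reflects a fact the post does not state but which is well documented: WannaCry spread over the legacy SMBv1 file-sharing protocol, so a patched host should also have that protocol disabled.

```powershell
# Added example (not from the original post, Secure Halo, or DHS): a read-only
# hygiene check for one Windows host. Assumes Windows 8 / Server 2012+ with
# Windows Defender and an elevated session. Thresholds (30 days, 3 days) are
# illustrative assumptions, not vendor guidance.

$Findings = @()

# 1. Patch freshness: how long since the most recent hotfix was installed?
$LastHotfix = Get-HotFix | Where-Object { $_.InstalledOn } |
              Sort-Object InstalledOn -Descending | Select-Object -First 1
if ($null -eq $LastHotfix) {
    $Findings += "No installed hotfixes found; confirm Windows Update is working."
} else {
    $Age = (Get-Date) - $LastHotfix.InstalledOn
    if ($Age.Days -gt 30) {
        $Findings += "Last hotfix $($LastHotfix.HotFixID) was installed $($Age.Days) days ago; apply current updates."
    }
}

# 2. SMBv1: the legacy protocol WannaCry spread over should be off (server side
#    setting and, where present, the optional feature itself).
$Smb = Get-SmbServerConfiguration -ErrorAction SilentlyContinue
if ($Smb -and $Smb.EnableSMB1Protocol) {
    $Findings += "SMBv1 is enabled; disable it with: Set-SmbServerConfiguration -EnableSMB1Protocol `$false"
}
$Feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
if ($Feature -and $Feature.State -eq 'Enabled') {
    $Findings += "SMB1Protocol feature is installed; remove it with: Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol"
}

# 3. Anti-malware: real-time protection on and signatures current.
$Mp = Get-MpComputerStatus -ErrorAction SilentlyContinue
if ($null -eq $Mp) {
    $Findings += "Windows Defender status unavailable; verify another scanner is installed and running."
} else {
    if (-not $Mp.RealTimeProtectionEnabled) {
        $Findings += "Real-time protection is turned off."
    }
    $SigAge = (Get-Date) - $Mp.AntivirusSignatureLastUpdated
    if ($SigAge.Days -gt 3) {
        $Findings += "Anti-malware signatures are $($SigAge.Days) days old; update them."
    }
}

# 4. Removable media: make sure Defender scans USB and other removable drives.
$Pref = Get-MpPreference -ErrorAction SilentlyContinue
if ($Pref -and $Pref.DisableRemovableDriveScanning) {
    $Findings += "Removable drive scanning is disabled; enable it with: Set-MpPreference -DisableRemovableDriveScanning `$false"
}

# Report: one line per finding, or a clean bill of health.
if ($Findings.Count -eq 0) {
    "No findings: patch age, SMBv1 and anti-malware checks all passed."
} else {
    $Findings | ForEach-Object { "FINDING: $_" }
}
```

Run it as an administrator on each workstation or server and feed the FINDING lines into whatever ticketing or endpoint-management tool the organization already uses; the script changes nothing on the host, so it is safe to schedule.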
In addition, Secure Halo recommends that companies adopt two more best practices to better prepare for and prevent ransomware:
Conduct Security Awareness Training. By now, corporate risk managers and other enterprise security leaders understand the adage of being only as strong as the weakest link. A culture of security must be created that instills a sense of skepticism at the user level. Some solutions might include simulated phishing attacks and other training.
Create a Business Continuity Plan. Simply put, such a plan gives companies the fundamental capabilities needed to reduce the cost of a cyber incident by preserving access to critical business information and assets. The ability to recover and return to normal operations as quickly as possible is paramount. Businesses must therefore categorize their information and systems by how critical they are to operations, and set appropriate risk tolerance levels for those assets accordingly. Once that is understood, they should develop recovery processes and incorporate them into a written business continuity plan that is tested and can be carried out with confidence in the event of a ransomware attack.
Don’t wait to think about your company’s cybersecurity plan until it is too late. Stay vigilant, keep your cyber safety measures up to date, and reduce the chance that your company suffers a ransomware attack.