The FBI has given its latest ransomware advice in the face of increasing losses from such attacks. While the number of incidents overall is still down from the highs of 2016, attacks are more targeted and effective than ever before.
Who is being targeted and how?
Ransomware is a form of malware that encrypts files when it infects a computer network. It is designed to scare its victims. Once the ransomware has taken over, it bombards organisations with messages that demand a ransom be paid, usually in bitcoin, to receive a decryption key.
The FBI said that the number of indiscriminate ransomware attacks is down. We haven’t seen anything like the widespread WannaCry incident in a few years. But attacks are now more targeted and sophisticated. The agency said:
“Although state and local governments have been particularly visible targets for ransomware attacks, ransomware actors have also targeted health care organisations, industrial companies, and the transportation sector.”
As a result, the actual losses from ransomware attacks are greater than they have ever been.
The FBI outlined some of the key ways ransomware hackers go after their targets. Email phishing campaigns are still a major vector. That’s why training staff in proper security practices remains one of the best measures organisations can take against ransomware, and against all cyber security threats for that matter.
The exploitation of the Remote Desktop Protocol (RDP) was another major source of attacks. Any remote desktop software should be considered carefully from a security perspective before being put into use.
The FBI’s stance on the payment of ransoms remains as strong as ever. The agency has always remained consistent on this point, and quite rightly. It said:
“Paying ransoms emboldens criminals to target other organisations and provides an alluring and lucrative enterprise to other criminals.”
Not only that, there is no guarantee when you pay a ransom that the criminals will even send a decryption key or that it will work.
We agree with the FBI’s final piece of advice. The best way to prepare for and deal with ransomware is through extensive backup and recovery solutions. With such solutions, you can always recover to a point in time before the ransomware struck. If your backups are frequent and effective, your defence against ransomware can be robust.
Key, however, is that organisations take these measures today. It’s not a retroactive solution. You can’t employ backup and recovery after the fact, once an attack has struck. You need to be ahead of the game and prepared. Find out more about Global Data Sentinel’s approach to backup and recovery solutions here.