Latest Ransomware Trends, Ways and Protection Techniques
7 August 2020
SafeAeon Inc.Ransomware is a type of malware that is used to extort money from the victim by encrypting his/her data or only by denying access to his/her system. If you want to know about the working of ransomware
How ransomware gains access to your system?
This is a stubborn question to answer, as with ever-changing landscape and new technologies like IoT, connected devices, and smart devices, the attack surface for hackers, have become very large. But if we study and analyze the ransomware attacks in recent years, our research converges on a few common points from where attackers exploit our system. Let’s discuss them.
Human Mistakes
Human resources in any organization are most vigorous yet the weakest link in their information security chain. Everyone knows that mistakes are an integral part of human nature. Human errors are the primary reason behind most of the cyberattacks; there is always a chance that employees can compromise the security of an organization. They can fall prey to phishing or social engineering attacks. The employee may use a very weak or common password, which can be brute-forced. List of mistakes is very long, but discussing all here can be out of the scope of this post.
Outdated/Unpatched Systems
This is the second most common cause behind the attacks. Due to the very high complexity of systems/software designed these days, the number of bugs and vulnerabilities have been increased. In the case of an individual or small to medium organization, they don’t have any proper patch management mechanism in place. If there is any security vulnerability in any of the outdated software applications, then there is always a probability of an attack. Well known ‘WannaCry’ ransomware attack, exploited a vulnerability that was present in obsolete or end of life Microsoft Windows products.
Loopholes in the security architecture of an organization
This includes improper access control implementation, open ports, not restricting remote connection, etc. Implementing a foolproof security architecture is very tough, even for big players in the industry. There is always a chance of an attack on an unknown loophole, so always keep your eyes open and full.
Ransomware attack trends
Ransomware attackers are evolving their ways with changing times, and their attack patterns became utterly different from the past few years. Earlier, attackers generally targeted large no of consumers in a single phishing campaign or by infected websites. But nowadays, attackers have shifted their focus from consumers to business organizations as a payout of a single successful attack against a business organization is far more significant as compared to consumer victims. Not only are they targeting financial institutes but also other organizations like healthcare, government institutes, education institutes, service providers. Simple, they are targeting any organization which possesses data that has value in the market.
The relation between virus/trojan and ransomware has been observed. Around half of the viruses these days come along with ransomware. If your system is compromised by viruses or trojan, there is a very high chance that your data may be encrypted by ransomware.
RaaS (Ransomware as a service) is also growing these days, but most of the products sold on Dark Web are just scams. Most sellers sell inferior quality products that are not of any use, but still, there are some useful toolkits in markets like ‘GrandCrab’ toolkit. There is a very high demand for these toolkits on Dark Web as many inexperienced hackers are unhesitant to pay a small amount of license fee. The prices of these toolkits vary from around $400 to $10000.
Top ransomware targets
The Healthcare sector
It became the favorites of ransomware attackers in recent years. Medical data is susceptible, and there are stringent compliance policies for it, so victims are very likely to pay the ransom.
Small/Medium Business
This became new targets for ransomware attacks as there is a little chance that a small business may have a proper cybersecurity mechanism in the palace. So, they are easy to attack as compared to a considerable organization.
Government agencies
They are also facing more and more ransomware attacks. Such attacks always generate media coverage and provide hackers the opportunity to sell their ransomware as a product on Dark Web. As the government is providing more and more services online, if attackers can exploit these services, there is a chance of extorting a hefty ransom.
Protection from ransomware
Patches and Updates
Always keep your system up to date with the latest updates not only for the OS but also for the application installed on your system.
Regular and Multiple Backups
All your data must be regularly updated on the trusted cloud at multiple locations. If information is highly sensitive, always encrypt it before uploading it on the cloud.
Beware of Spam emails
Emails must be handled very carefully, never open any email attachment or link from an untrusted or unknown source.
Use good Antivirus
Always use good antivirus as most of the ransomware comes coupled with viruses and trojans. The latest antivirus provides proper protection against most of this malware and comes along with additional features like a virtual sandbox and email filtering.
Staff training
All the employees of an organization must be provided with essential cybersecurity pieces of training.