Ransomware attacks on businesses shot up in 2016, with the creation of new ransomware families increasing threefold between Q1 and Q3 of the year and attacks jumping from every two minutes to every 40 seconds, according to the Kaspersky Security Bulletin 2016 (you can download the full report here). For individuals, frequency of attacks has gone from every 20 seconds to every 10.
Criminals use common forms of ransomware such as crypto-malware to lock users out of their systems and demand money (ordinarily via Bitcoin) to allow them to regain access. But while ransomware has seemingly gotten more sophisticated, we're far from helpless with various protections and fight back techniques available to those in the know.
Here are three simple things you can do that will help keep yourself and your company more secure against ransomware attacks.
Backup your data
Arming yourself with the knowledge of how to effectively fight back against ransomware attacks is one of the most vital tools your business can have in its arsenal. There are many simple and effective security solutions out there, but prevention is often the best form of defence in these cases.
It sounds simple, but backing up your data is the number one thing you can do to protect it from being lost in the event of an attack. According to Kaspersky, one in five of companies who are hit by crypto-malware never get their data back (even if they pay the ransom), so there are no guarantees information will be safe unless it's backed up somewhere secure. You can read more about this in Kaspersky's full report.
Take a moment today to make sure everything is up to date, whether you are using a cloud storage platform or a physical hard drive, and make it a regular part of your work schedule to do this.
Make sure the latest version of software is on all devices
Various trends in 2016 - such as a rise in Ransomware-as-a-Service (RaaS) - have increased the risk and awareness of ransomware moving forwards, and companies and individuals must increasingly make sure they know about the dangers these kinds of attacks can pose to their data.
Another basic habit that could save a lot of aggravation down the line is making sure software is always up to date. Attackers can seize upon gaps in security on older versions, so don't make it easy for them - never put off updating apps and software when prompted, and tell colleagues to do the same. So many significant attacks have been successful because of security holes present in outdated software, but these can be easily prevented with just a few moments of your time.
Know what to do when you're hit
With all the care in the world, it's possible that you will suffer from a ransomware attack at some point. This just means that you should spend a few minutes reading up on what to do (and what not to do) if and when it does happen.
For starters, report the criminal activity to the authorities as soon as possible, and arm yourself with one of the many free decryption tools to give yourself the best chance of retrieving your data. Read more tips on this in the Kaspersky Security Bulletin (download here).
It's also important to know that you should never, ever pay the ransom, as there is no guarantee that the person behind the attack will follow through on their end of the deal. Often, sophisticated cybercriminals offer help and advice to victims on how they could buy bitcoin in order to pay the ransom, but this is obviously not in their best interests. In fact, paying will simply make you a bigger target, and more money could be demanded next time.
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
