Cyber Security

Ransomware is big business

7th October 2022
Sheryl Miles
0

Ransomware is everywhere, no one is safe.

Parcel delivery notifications. Emails requesting password changes. Deactivation of an old account. Someone is pretending to be your child who has changed their phone number. The list of phishing texts, calls, and emails are endless, and they are something everyone encounters regularly.

Phishing scams are the main driver behind Ransomware attacks, but they aren’t the only way people or organisations are held to ransom.

According to Statista, during the first half of 2022 there were more than 230 million ransomware attacks worldwide. And a report by Help Net Security suggests that out of respondent organisations 79% have being targeted by ransomware attacks, with around 60% being successful in disrupting business operations.

Ransomware attackers deliberately use malicious software to deny a user or organisation access to their computer files. By encrypting the files or locking the devices, the user cannot gain access without usually having to pay a ransom to get those files back.

Most companies will inevitably backup their data using the 3-2-1 approach which advises that you have three backup copies of your data on two different media, such as disk and tape, with one of those copies located offsite for disaster recovery.

However, as technology advances, so too do cyber attackers. And now attackers are seeking to hold the backups to ransom first, rendering the person or organisation impotent. But there is a -1 which should be used alongside the 3-2-1 approach. This -1 is called immutable storage.

The time it takes to recover from an attack will vary from organisation to organisation. It will also depend on the extent of the attack, with some people’s files being permanently deleted.

Whether it’s a large organisation, small business, or a sole trader that is targeted, an attack will not only cost time and money, but the result could be catastrophic.

Unfortunately, small businesses may never recover from an attack, as they are unlikely to have any protection in place. And even if they do manage to recover, oftentimes, the attack decreases trust between the company and the customer, which could have as much of a negative effect as the attack itself.

Sergei Serdyuk, VP of Product Management, NAKIVO, states that the main three reasons for an attack are:

  • Financial gain
  • Ideological and political gain
  • Simply to test skills with no regard for reward

According to Anthony Parry, UK Partner Account Director at Arcserve, ransomware attacks continue to significantly disrupt business worldwide with staggering costs and the real threat of losing mission-critical data. Companies must review and modernise their IT security infrastructure by making data backup and recovery and immutable storage a cornerstone of their data resilience strategy to strengthen the entire environment.

What do you do to protect your business?

Ransomware is now being offered as a service (RaaS), meaning that an attacker doesn’t need to be an expert phisher or hacker. They simply use the software provided by the RaaS company and launch an attack. If all the parties make money out of it, then so much the better.

With this in mind, the general advice is to assume that you will be a victim, and work from there.

Backups are a good start – following the 3-2-1 method as mentioned above, but as criminals get smarter, so too must the technology. There has recently been the introduction of immutable storage, which is the -1 mentioned earlier. The term immutable being defined as “something that will never change or cannot be changed”. This means that the backup files cannot be changed or deleted and are safe from ransomware attacks after the backup has been created.

Immutable storage should be used in conjunction with an individual’s or organisation’s 3-2-1 plan, making it a 3-2-1-1 plan. This will ensure the most protection against attacks as possible.

No matter what size your business is, it is always wise to assume that at some point you will fall victim, and act accordingly. There are lots of companies out there who are designed to help businesses of all shapes and sizes, and budgets can always be discussed. And a little bit of protection now can go a long way to securing the longevity of your business.

Featured products

Product Spotlight

Upcoming Events

View all events
Newsletter
Latest global electronics news
© Copyright 2024 Electronic Specifier