Ransomware is currently the fastest-growing cybercrime in the world. To the unfamiliar, ransomware is malware that encrypts a victim’s private data, making it impossible to access without a key unless a ransom is paid. Criminals also threaten to make data public if victims refuse to comply. The COVID-19 pandemic has precipitated a worrying rise in such attacks, which have increased by an astounding 500% worldwide. Undoubtedly, these trends are likely to continue even after the pandemic subsides. Organizations, regardless of their size, must respond swiftly to curb such attacks.
Rising ransomware attacks
Multiple factors account for the increase in ransomware incidents over the past year, such as the surge in digital adoption and remote working spurred by the COVID-19 pandemic. Home networks are not designed with the kind of security measures that protect organizational networks. It leaves employees and their organizations vulnerable to risks. Since last year, hackers have resorted to COVID-19-themed emails to lure unsuspecting users. These could be fake email announcements from official entities, such as government bodies or the World Health Organization, updates on industry trends, and requests from charity organizations with malicious attachments. Once opened, these emails and links can provide hackers with a gateway into an organization’s database.
[box type=”info” align=”” class=”” width=””]Additionally, cryptocurrency has enabled the untraceable transfer of large sums that would have been impossible otherwise in the currency market. According to blockchain analysis firm Chainanalysis Inc., USD 406 million was paid in ransom using cryptocurrency in 2020, and USD 81 million was paid this year as of May. The anonymity, ease of access, and speed the cryptocurrency offers makes it an attractive channel to hackers.[/box]
Organizations are nervous about the agility and skills of the hackers, where ransomware attacks are not just limited to the primary data but also the data in backups. The emergence of ransomware-as-a-service business model among criminals allows the leasing of ransomware, thus increasing the number of potential hackers.
Adopting an effective ransomware strategy
Communications and Policy: Organizations must develop a strong ransomware strategy, given the sophistication of recent attacks and consequential losses. Such a strategy needs clear communications, proactive measures, and effective cybersecurity tools that minimize data loss. As a first step, companies should create a response plan in the event of data loss. It involves training employees to identify suspicious emails and attachments, assigning responsibility for communicating with relevant stakeholders, and reviewing the company’s cyber-insurance policy.
Data Encryption and Multifactor Authentication: Keep data encrypted regardless of where it is stored. Should you decide to back up data on the cloud, use encryption to ensure that your data is well protected during the transfer. Implement multifactor authentication on all company accounts, VPN access, IP address whitelisting, and external applications.
Protect End-user Data and Branch offices: Data on end-user laptops, mobiles, or desktops, being in remote and branch offices is the most vulnerable for ransomware attacks. Adopt solutions that enable employees to automatically sync data to the central data center, and the ability to recover the data in the event of an attack should be an integral part of the ransomware mitigation plan.
Ensure Backups are Safe and Data Immutable: Adopt technologies that automatically secure backup data from ransomware attacks and maintain data immutability. This is the only last line of defense to recover data in the event of a ransomware attack. Organizations are adopting object storage solutions and a hybrid-cloud strategy to ensure the data is always secure and available, both on-prem and off-prem locations.
Hitachi Vantara partners with customers in effectively tackling ransomware attacks and ensures that the data is always safe. We provide solutions for edge-core-cloud so that data is always secure regardless of where it is stored.
About the author:
Suraj Kotipalli is APAC Business Leader for Content and Data Intelligence Solutions at Hitachi Vantara with a focus on helping customers modernize their Datacenters, Applications and accelerate their overall Digital Transformation. He joined Hitachi Vantara in 2017 and lead a team of Solution Experts in APAC region.
Suraj has more than 2 decades of rich versatile experience where he held several Technology and Sales leadership roles in APAC. Prior to Hitachi Vantara, he worked for Microsoft Corporation for 14 years. An Engineering graduate in computers, Suraj is passionate about Technology and obsessed with Customer and Partner success.
