How to avoid Ransomware attack to make better business
- Ransomware is malware that holds users’ devices “hostage”. Here, a hacker encrypts a target’s data. The hacker will typically not grant access to the data’s owner until they pay some ransom. Attackers typically focus on the most important files any organization has.
Ransomware attacks are becoming prevalent in today’s world. They are becoming particularly notorious because of the number of people using online systems at the moment. The coronavirus pandemic forced businesses and individuals to use online platforms. However, since most businesses are not cyber security-savvy, they end up being easy prey for attackers. The same applies to individuals who are now forced to communicate, make transactions and keep up with personal interaction more online.
However, even though these attacks are global, India seems to bear the brunt of them. There have been several reports of India suffering large-scale ransomware attacks as well as other data breaches. These affect businesses, leading to losses on a grand scale. In the light of all these, how can businesses innovate to steer clear of ransomware attacks or mitigate their impacts?
Ransomware and the Indian Experience
Ransomware is malware that holds users’ devices “hostage”. Here, a hacker encrypts a target’s data. The hacker will typically not grant access to the data’s owner until they pay some ransom. Attackers typically focus on the most important files any organization has. Thus, when ransomware attacks occur, the data owners will be forced to pay to regain access to their crucial data.
Hackers have implemented various forms of ransomware over the years. The most common is the email spam campaign. Here, the attacker employs a combination of a phishing and ransomware attack. In other instances, the attacks are more targeted. The hacker creates an attack vector that attaches itself to the target’s system. It only disappears when the target pays the ransom.
There seems to be a flourishing ransomware attack business globally. For example, it is reported that there are more than 4000 ransomware attacks in the United States daily. Also, India seems to be at the very top of these disturbing statistics. Sophos’ State of Ransomware Report for 2021 states that India tops the list of 30 countries that have experienced ransomware attacks in 2021. In addition, more than 68 percent of the companies in India have experienced ransomware attacks in the past 12 months. Of that number, 66 percent eventually paid the ransom to regain access to their data.
The report revealed that the methods employed by cybercriminals have similarly changed. Attackers are employing “human hands-on keyboard hacking”. This is a lot more efficient and has more devastating consequences for businesses, making it harder to recover.
Some of the most popular Indian ransomware attacks include the Telangana and AP Power utilities attacks. This affected the power utility systems of Telangana and AP, taking them offline for a while. There was also the Mira botnet attack. This affected no less than 2.5 computer systems in India. Even the state-owned telecom company BSNL also suffered a ransomware attack. This similarly affected no less than 2000 businesses.
The Way Forward
In the light of the overwhelming statistics above, there is no doubt that something urgent needs to be done. Hence, how can businesses evolve to meet the current threats?
The first step will be focusing on and stepping up security within organizations. Most organizations do not take cybersecurity seriously. In the majority of cases, this is because of ignorance. Most businesses are unaware of the huge threats their businesses face for the simple fact that they are online. Hence, they do not treat it with the seriousness it deserves. Only a few businesses have security and threat assessment officers. Organizations that will survive the current onslaught will only be those that take active steps such as creating officers charged with preventing threats such as ransomware attacks.
Similarly, Indian corporations also need to devote time to educate employees about the prevalence of such attacks. Ignorant employees provide a means for cybercriminals to infiltrate and attack businesses. Hence, it is important for employers to take the time to educate their employees about the various threats that exist and how to avoid them. Vigilant employees can detect threats and prevent them from spreading.
Organizations should also develop contingency plans in case an attack occurs. Thus, actions like developing a backup system for all data should also be implemented. This has worked in several situations. For instance, Spain suffered multiple spates of attacks in 2020. However, most organizations in the country that were attacked were able to move on without paying any ransom. The secret was simple: they had backup systems in place.
One other very simple means to avoid attacks is updating systems and software. Software creators routinely update their software to patch up issues, some of which could be related to security. Organizations that do not follow through with updates do themselves no favors. It is also necessary for firms to also deploy antivirus software. There are several that exist. They could help detect and also prevent attacks.
Disclaimer: This is a company press release. No HT journalist is involved in creation of this content.