The new year brings new challenges, and warding off ransomware is one that many manufacturers frankly are not ready to address. This form of malware has been gaining traction, and one attack could spread and cause hundreds of billions in damage, according to the Cyber Risk Management (CyRiM) project. However, businesses can take steps to keep themselves from becoming a top trending theme on Twitter — for all of the wrong reasons. Here’s how.
What is Ransomware?
Ransomware is a high tech version of kidnapping. Here, malware invades a system, encrypts computer files, and blocks legitimate users from accessing their own systems. Once installed, the cybercriminals hold the system – and company — hostage. Unless they are paid a specific sum of money, the system is rendered useless.
Ransomware has been gaining traction because it is effective. Criminals have been using the openness that most companies have granted in today’s online information age to their advantage. A common practice is creating bogus personalized emails that look legitimate. Gone are the days of old when crooks blasted emails to any address indiscriminately. Nowadays, they have refined their techniques. They scour corporate websites; identify high-value targets, like the CEO or CFO; include the target’s personal information and company items, like logos in their software. As soon as the target opens the email, the system is compromised. A message requiring that the company pay a ransom appears on the screen, and the system is frozen. The demands range from about $100 to $10,000 or more.
Most organizations are susceptible to ransomware breaches, according to a report from the CyRiM project, a Singapore-based public-private consortium that assesses cyber risks. Lloyd’s, which has been insuring companies for more than 300 years, is one of the report sponsors. An attack launched through an infected email would automatically forward the malware to all of the user’s contacts. Within 24 hours, the attack would have encrypted all of the data on 30 million devices worldwide. Such a breach would cost $193B and affect more than 600,000 businesses worldwide.
Protecting Your Corporate Assets
How can manufacturers protect themselves? Here are five best practices that will help your business guard against a ransomware breach:
1) Conduct Regular Employee Cybersecurity Awareness and Training
Criminals look for the weakest link in a business’s security chain, and employees are often just that. In fact, a report from The Bunker found that top executives, CEOs, were the least likely to follow corporate security best practices. So, the most effective way to stop an attack is to train employees to be skeptical. Rather than simply click on an email with an enticing subject, they need to examine where the email comes from and avoid unfamiliar addresses. Cybersecurity training should also emphasize the need for strong passwords and explain the role of system authentication. Because the threat landscape is dynamic, businesses need to regularly update their security training classes.
2) Keep Your Computer Systems Up-to-Date
Businesses have a mix of old and new software. Ransomware relies on known legacy software vulnerabilities, some many years old, to take over your system. Typically, patching, or updating the old systems, will not earn the technology department recognition. Consequently, employees use browsers, operating systems, and other software applications that are vulnerable. Developing a strong security posture starts with an understanding from top management about the potential damage an attack could create and allocating the funding to ensure that time is spent on closing potential holes, such as updating vulnerable legacy software.
3) Take a Multilayered Approach to Cybersecurity
Application design has changed dramatically in the past several years. Large monolithic pieces of code have been broken up into smaller components. The change has sped up and improved application design, but it has also made securing interactions more challenging. The bad guys now have more potential entryways. To thwart attacks, companies must install multiple layers of cybersecurity solutions. They need a set of tools that begins with remote monitoring, so incoming traffic is always scanned for malware. A firewall protects them against intruders and contains threats if they do sneak in. Security audits ensure that sensitive information is protected. Finally, backups help a company restore the computer systems if problems arise.
4) Be Prepared
Like a Boy Scout, a company needs to be proactive in dealing with a potential ransomware attack. Before an attack happens, the technology team needs to meet with top management and outline what they can do to thwart an attack. No plan is flawless, so in addition, board of directors need to determine what course of action the company will take if a ransomware breach occurs. Will they pay the ransom? What law enforcement officials would be called to help? If the unthinkable occurs, you want to move quickly and focus on how to lessen further damage rather than spend time evaluating your options.
5) Back up Your Critical Systems and Data
A company lessens the potential damage from the loss of a system if it has sound back-up policies, procedures, and products. They can design their systems so secure backup copies are created continuously during the day. Businesses should regularly test their backup processes to ensure that lost information is restored as expected. If the backup processes are strong, the organization may not have to pay the ransomware to get itself back up and running.
Ransomware is a growing problem for manufacturers. Hackers are perfecting this technique, so its potential to wreak havoc is increasing. Companies need to protect themselves. The first step is being aware of the problem. Having sound security and backup procedures in place also helps them to mitigate the fallout from a breach. Hackers are constantly trying to get in your systems, so you need to be just as vigilant guarding against them.