Ransomware threat is the cyber mafia of our times and tops the global Cyber Crime charts. It is malicious software used by cyber thieves to hack and keep confidential global information ‘hostage’ for a ransom, i.e., a lump sum amount. The payment doesn’t guarantee access to data. Hence, this cyber security threat has created havoc in the world of global online businesses.
How does Ransomware attack?
The strategy of attack is simple. The cyber criminal gets access to one’s system and locks it, and the user is logged out of his/her computer. The cyber thief will encrypt data and offer access only after the victim pays an amount for its retrieval. Ransomware can enter one’s system post clicking on a malicious mail, unsafe link, etc.
Why is Ransomware Spreading?
E-mail phishing scams top the list of reasons responsible for the spread of Ransomware. Other reasons include lack of awareness and cyber security training, open RDP access, etc. Weak password protection and report clickbait are also responsible for the spread of Ransomware.
Types of Ransomware threat
Ransomware is broadly classified into two types:
- Crypto Ransomware – In this cyber security threat, the hacker encrypts files and prevents access to the victim until a ransom is paid.
- Locker Ransomware – In Locker Ransomware, the cyber thief locks the user out of his system than individual file data encryption.
As per the 2021 statistics provided by a cyber security firm 11 known examples of ransomware threats were reported. They are listed below with the percentage of threats reported:
1) Sodinokibi (REvil) – 14.2%
2) Conti V2 – 10.2%
3) Lockbit – 7.5%
4) Clop – 7.1%
5) Egregor – 5.3%
6) Avaddon – 4.4%
7) Ryuk – 4%
8) Darkpoint – 3.5%
9) Suncrypt – 3.1%
10) Netwalker – 3.1%
11) Phobos – 2.7%
Victims of Ransomware
The victims of Ransomware include the following:
1) Government organisations, law firms, etc., holding sensitive data of national importance.
2) Big companies that can afford to pay huge ransoms.
3) Small companies, universities, etc., with weak cyber security systems.
Why is it a threat to digital businesses in Australia?
As per reports, Australia witnessed a massive rise in ransomware attacks in the last two years. A lack of investment has been done by businesses in information technology updates. The employees need to be trained against such attacks. But the financial infrastructure prevents many small businesses from paying for IT security measures. Many organisations end up paying the hackers due to fear of reputation loss. These are some key reasons that tell why ransomware is a threat to digital businesses in Australia. Awareness needs to be created on Information Security Management Systems (ISMS) to get ISO certified, and secure systems against ransomware threats. Though the recent Federal Budget has granted a 20 per cent deduction in taxes incurred on IT technology, the roadmap to its practical implementation is yet to .
Ransomware attacks in Australia
Below are the top Ransomware attacks in Australia that proved as an eye-opener for the country that believed they were safe from Cyber Security threats.
1) Nine Entertainment
It is a noteworthy attack that took place in March 2021. The company’s news bulletin and newspaper production were soft targets of this Ransomware attack.
2) WannaCry ransomware attack
In 2017, about 150 countries and 200,0000 computers were affected by the WannaCry ransom attack that lasted 7 hours and 16 minutes. Conducted by the WannaCry ransomware cryptoworm, it targeted the global Microsoft Windows Operating Systems. A kill switch created by Marcus Hutchins prevented the further spread of ransomware from infected computers. It was later reported North Korea was behind the attack.
As per Australian Signals Directors (ASD) director-general Rachel Noble, a single cyber attack in Australia might cost $30 billion and over 160,000 jobs.
The Ransomware Action Plan was announced on 13th October 2021 by the Australian Government’s Ministry of Home Affairs.
Are you ready for a ransomware attack?
This can be answered based on the cyber threat prevention measures taken by your organisation. Below given are the three 4 key questions that will answer your query:
1) How easy it could be for a hacker to intrude into your systems?
2) If a hacker succeeds in entering a system, how easy would it be for the attacker to hack the entire Information Technology network of your business?
3) Do you have Information Sensitive data that can cost you a huge ransom?
4) Are your systems backed by cloud backups to recover from a ransomware attack, and how fast can your organisation get over one?
Who are the Malicious Actors?
They are cyber criminals targeting businesses to earn money, steal information, etc. A North Korean group, Lazarus, is a popular, yet dangerous example of malicious actors.
What is DarkSide ransomware?
Darkside ransomware is a malware provided to cyber criminals. It has been in operation since August 2020.
How long does it take to recover from ransomware?
According to a recent survey, it might take 33 hours to recover from a ransomware attack.
How can Anitech help?
Anitech has a reputation in the Australian market for providing robust Cyber Security and Information Security assistance. We have a strategic yet professional approach to providing security solutions to businesses. Our team is qualified and will guide you to manage your systems and meet the requirements of the latest ISO Standards. We will also provide you with step-by-step guidance on the latest ISO 27002: 2022 updated standard, so that you meet the requirements to get certified. We will continue with our consultation even after getting your company ISO certified.
Tips to prevent Ransomware attacks
The only cure for a ransomware attack is to pay the amount demanded by the cyber thief. But, this cure doesn’t guarantee the return of your data! Hence, preventing ransomware attacks is the biggest strategy businesses and individuals can implement to fight it. Below are some quick prevention tips to take note of.
1) Endpoint detection and response strategy (EDR)
An endpoint detection and response strategy (EDR) is the most basic step one can follow to keep Ransomware at bay! Always have your system installed with the latest antivirus software, and keep the firewall on. Ensure that you scan each mail before accessing it. Do scan your PC regularly for further security. This prevention strategy will keep Ransomware from entering your system.
2) Check before you click
The biggest source of ransomware is an unsafe email that resembles a professional message, but it is the trap for which many fall. It is called e-mail phishing – a hacker’s favorite tool. With this, cyber criminals can pretend like a professional account and send e-mails that lure victims to click. But, as mentioned earlier, we advise you to click on the links sent by verified senders only.
3) Train your employees
The employees of an organisation are the soft targets of hackers, as the latter is aware of the former’s lack of technical awareness. Hence, giving training to your team is essential to prevent a ransomware attack. The training can include making them aware of the malicious software, how it enters systems, sources like e-mails, etc. Other basic security assistance can be provided, like securing systems with strong passwords, regular anti-virus scans, preventing sharing of passwords and unauthorized access, etc.,
4) Data backups
Backing up important data on your company’s cloud network is recommended to have a copy of important data. By doing so, there will always be a copy of all sensitive information, and hence, there will be no need to pay money even in the case of a ransomware attack. Ensure that systems are updated
You can take a quick self-assessment test by clicking here.