Ransomware is a tool that cyber-criminals use to infiltrate computer servers, desktops, laptops and other mobile devices. This malicious software then encrypts a company’s critical files and web properties and holds them for ransom until the company or organisation pays the requested amount (usually through cryptocurrency), on which the cyber-criminal will release the company’s digital assets.
Recent examples of ransomware include: CryptoLocker, CryptoWall, Locky, Cerber, KeyRanger, SamSam, TeslaCrypt, TorrentLocker, and Reveton. Although we have yet to see any new ransomware emerging in 2019, and no major ransomware attacks have happened in these first two months of the year, it still pays to be prepared.
Ransomware Predictions
In a collection of predictions made at the end of last year, which were published by Forbes in an article titled ‘60 Cybersecurity Predictions For 2019’, the forecast alluded to the following trends in ransomware attacks and cybersecurity.
Corey Nachreiner, CTO of WatchGuard Technologies contributed to the article by saying that malicious or hijacked AI-driven chatbots will be used to socially engineer individuals to give up personal and sensitive information, or misdirect victims to illegitimate links that allow cyber criminals to access a victim’s data. Nachreiner suggested that the malicious bots would start out text based, but could eventually evolve to use human speech bots to socially engineer victims over the phone. For now, website application flaws could be exploited to insert malicious bots, where there was no chatbot before.
Additionally, certain weak points and likely targets were discussed in the predictions. Tal Zamir, CEO of Hysolate predicts cloud and user devices will be the main targets of attack, since the great functionality of operating systems on user devices are vulnerable to attack. Similarly, Erez Yalon, the Head of Security Research at Checkmarx, states that the IoT (the Internet of Things) is not secure and therefore vulnerable to attack. Since there are no big changes in IoT security on the horizon, it is important to ensure your devices are secure, regardless of the security on the computing devices it is interrelated with.
Alternatively, Avishai Sharlin, General Manager of Amdocs Technology, pointed out that there is a lack of individuals in the workforce to combat the growing threat of cyber-attacks and malicious attempts. Therefore, 2019 is the year to re-skill employees and take steps to improve an organisation’s position against cyber attacks.
What to Do to Stay Ahead of Ransomware Attacks?
Any organisation should feel confident in their backups, testing and recovery so that when a ransom is made for their data, they can deny any ransom demands. As an MSP you should be able to provide your clients with this confidence, as well as have this confidence in your own systems.
ActiveImage will help setup a secure efficient backup process to protect all your data, as well as regularly test these backups and their restoration, protecting your systems from ransomware. For more information, a demo or a 30 day trial contact ActiveImage today!