We are completely misinterpreting Ransomware

    Cybersecurity Insiders

    Ransomware is a kind of malware that locks computer files until a ransom is paid in Bitcoin or another cryptocurrency such as Monero. Because it is proving profitable, hackers are deploying it left and right.

    “Coming to the malware's influence on human minds, it’s huge and is being considered one of the worst nightmares of all time in the world of computing,” said Sandra Bell, the head of Resilience, Sungard Availability Services.

    However, Ms. Bell fails to understand why ransomware is being misinterpreted when everything is pretty straightforward. If you have reliable backups in place and your network is segmented, you can easily contain the malware, wipe the data on the infected machines and reimage them from backups. It takes hardly 20 minutes if all of these services are automated and well aligned.

    Sandra says that it’s up to companies, or company heads, to analyze the situation and choose the best course. That means if we truly want to stop ransomware from sneaking into our corporate networks, nothing can stop us from achieving that objective.

    Sandra Bell of Sungard Availability Services suggests four simple steps to stop or contain ransomware, as follows:

    The real target of ransomware - Ms. Bell feels that the IT systems targeted by hackers are just delivery mechanisms. The real target is the employees of a firm. Educate your workforce to abide by security rules and ask them to keep their eyes open for dodgy ransom notes, and half of the work is done. Other prevention methods, such as deploying cyber threat detection and management systems, also help.

    Who is more likely to be targeted by ransomware authors/spreaders and how to stop them - Hackers who spread ransomware usually use complex psychological tactics to get their targets to pay: first by locking down access to critical files, and then by creating time pressure to pay. Ransomware victims are most often remote workers or people who associate themselves primarily with their profession rather than their employer, such as policemen, doctors, nurses and so on. The situation can easily be tackled by inducing a corporate culture that reduces feelings of real or perceived isolation.

    How to smartly tackle the situation - If you are hit with ransomware, the data and IT systems are held as ransom prisoners until the perpetrators receive payment. A smart way to deal with the situation is to use backup data for data continuity, which ensures that you need not pay a ransom to the perpetrators. The other way is to store all data in encrypted form. This helps in situations where the data is held prisoner for ransom but cannot be used by the hackers, as it is hard to break.

    How companies can avoid becoming a ransomware victim - The best way to deal with the situation is to have multiple recovery plans in place. If you have a single strategy, there is a high probability of the plan failing, as hackers quickly learn ways to overcome it. So having a solid backup strategy and business continuity in place, along with a disaster recovery arrangement, makes sense: it gives you not one but several ways to regain access to the locked data, making it tough for hackers to gain financially.

    Finally, we all have to accept that there is no single solution to the ransomware problem. The only thing we can do is successfully manage the associated risks and take advantage of the features that data and IT systems offer to back up and protect the data, while doing as much as possible to keep the employees who manage the data from becoming soft targets, for example by training them in a timely manner.

    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security.
