Ransomware is a growing risk for organisations. Home computers are not the only ones at risk: businesses, financial institutions, government agencies, academic institutions, and other organisations can be, and have been, infected as well.
What is Ransomware?
Ransomware is a type of malware that restricts access to the infected computer systems, files or documents and demands that the user pay a ransom to the malware operators to remove the restriction. Typically, the ransomware will either ‘lock’ the computer to prevent normal usage, or encrypt the documents and files on it to prevent access to the saved data. This results in the loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and/or potential harm to an organization’s reputation.
The aim of the Ransomware?
This type of malware forces its victims to pay the ransom through certain online payment methods in order to regain access to their systems, or to get their data back. The purpose of ransomware is to extort funds.
Three Indian banks and several big industries have been revealed as targets of a ransomware scheme that saw a ransom demand in Bitcoin. In 2016, ransomware attacks are expected to increase, and they are a global threat for big organizations and industries that have inadequate security defenses in place.
There have been similar ransomware attacks against banks in the Sub-Saharan African region over the last few months.
The evolution of the Ransomware:
Ransomware has evolved rapidly in the last 10 years, moving from preying on individuals to aiming at organizations, which are likely to pay bigger amounts. Ransomware’s access to a computer or system is part of a class of security threats that depend on someone being duped into providing network credentials, primarily through phishing attacks.
Ransomware was aimed primarily at individuals and small businesses until a few years ago, when criminals began targeting larger corporations. While ransomware attacks in the past required small payments to resolve ($300 to $700 were typical amounts), the Hollywood Presbyterian attack shows that as targets get bigger, so does the level of extortion.
The defense against Ransomware:
The impact of ransomware that does penetrate your defenses will depend largely on how you have been managing your backup and recovery systems. Backups don’t need to be sophisticated; they just need to be done regularly and then periodically tested for usability. If these are appropriately configured and routinely tested, you may well be able to replace the files that the ransomware encrypted with relatively current versions.
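One way to automate the "done regularly and periodically tested for usability" check, as an added example that is not part of the original article. The function names, the tar.gz format and the 24-hour freshness limit are assumptions chosen for illustration.

```python
import hashlib, os, tarfile, time, zlib

MAX_AGE_SECONDS = 24 * 3600  # assumed policy: the newest backup must be under a day old

def sha256_stream(fileobj):
    """Hash a file-like object in chunks so large files do not fill memory."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(65536), b""):
        digest.update(chunk)
    return digest.hexdigest()

def make_backup(src_dir, archive_path):
    """Archive src_dir and return a manifest {relative path: sha256 of the original}."""
    manifest = {}
    with tarfile.open(archive_path, "w:gz") as tar:
        for root, _dirs, files in os.walk(src_dir):
            for name in sorted(files):
                full = os.path.join(root, name)
                rel = os.path.relpath(full, src_dir)
                with open(full, "rb") as f:
                    manifest[rel] = sha256_stream(f)
                tar.add(full, arcname=rel)
    return manifest

def verify_backup(archive_path, manifest, now=None):
    """Read every file back out of the archive; return a list of problems (empty = usable)."""
    problems = []
    now = time.time() if now is None else now
    age = now - os.path.getmtime(archive_path)
    if age > MAX_AGE_SECONDS:
        problems.append("stale: backup is %d hours old" % (age // 3600))
    try:
        with tarfile.open(archive_path, "r:gz") as tar:
            names = set(tar.getnames())
            for rel, expected in sorted(manifest.items()):
                if rel not in names:
                    problems.append("missing: " + rel)
                elif sha256_stream(tar.extractfile(rel)) != expected:
                    problems.append("corrupt: " + rel)
    except (tarfile.TarError, OSError, EOFError, zlib.error) as exc:
        # A truncated or overwritten archive must fail the test, not crash it.
        problems.append("unreadable archive: %s" % exc)
    return problems
```

Keep the manifest somewhere the backed-up machines cannot write to, so that ransomware which reaches the backup cannot also rewrite the expected hashes.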
Now, there’s increasing focus on cybercrime, including ransomware, and healthcare organizations have to ramp up their training to educate employees and sell them on the necessity of always being alert to potential phishing attacks.
Maintaining this heightened sense of awareness will require frequent, if not continuous, efforts to keep security at high levels in healthcare organizations, he adds.
Behavioural analytics can also be a strong weapon in the cyber war. Analysing records of employee network activity can identify risky behaviour in the workplace, unintentional or otherwise. The IT department can then come in and provide “just-in-time training” to employees, soon after risky behaviour occurs.
The Security team at Anglo African will be pleased to assist you in reviewing some or all of your current processes or the challenges that you might be facing. Please contact us on: contact@infosystems.mu or 2331636.
Source: information-management.com
Image Source: pandasecurity.com