How to stop the rising tide of ransomware

'How to' guides

Phishing scams are highly effective tools for delivering ransomware into organisations. Once on a machine, this extortion software will lock a user out and hackers will demand a ransom to give access back to files, databases, and sensitive customer information.

If this spreads from the originally infected machine, it could mean losing access to an entire business network. If a ransom is not paid, important data could be lost and sensitive files released on the internet. On top of that, the organisation will have to pay to rebuild their IT system from scratch.

Prevention is key for protecting against ransomware. Here's how you can stop it from threatening your business.

Sophisticated modern cybercriminals

Prevention starts with understanding how cybercriminals operate. There exists a highly professional ecosystem of criminals and hackers that work together to infiltrate major targets. These hackers may already have access to corporate networks, which they then sell to ransomware operators who steal data and then begin the encryption operation.

Many high-profile ransomware cases have led to a rise in Crime-as-a-Service, with hackers offering to work with criminals in exchange for a portion of the ransom demand. With such an organised approach to cybercrime, a robust security system and effective cybersecurity policies are more important than ever.

Ransomware is becoming easier to get hold of, with even non-experts able to use it to extort businesses. You no longer need to have advanced software building or hacking skills to carry out a ransomware attack. It’s as simple as going onto a dark web marketplace and enlisting the services of those with the correct skills.

The number of cybercrimes committed worldwide in 2020 was 69% higher than the previous year's total. This was also partly due to the shift to remote working throughout the pandemic as criminals saw their chance to exploit vulnerabilities arising from new working habits.

Prevention is the key

The integrity of your business's network depends on having the right cybersecurity solutions in place and all users following a robust yet straightforward set of policies. These can outline what is and isn't allowed within the business and present a clear way of working. 

If all users understand their part in avoiding social engineering risks and how they can increase cybersecurity, it'll be much harder for attackers to gain access. Here are some ways to prevent ransomware attacks:

Never click unsafe links

Usually, if an email looks suspicious, it is. However, phishing scams are becoming increasingly sophisticated — often going as far as to spoof trusted email addresses or take over a legitimate email account. All users must understand what to look out for and what to do if something looks suspicious.

Beware of unusual requests via email

Cybercriminals can gather information on employees via social media platforms, corporate websites, or even through phone calls. So just because someone knows a few details about you, that doesn’t mean they can be trusted. Users should double-check unusual requests to make sure they are legitimate.

Do not open suspicious email attachments

As with links, ransomware can be delivered onto a device through an attachment. Email attachments from unknown sources should be treated with caution. A solution such as Egress Defend can scan attachments and links to help determine if an email presents a risk.

Keep everything up to date

With new updates come security patches. That means it's important to make sure all updates are installed as soon as they are available.

Use known download sources

Rely on known download sources and encourage users to look for an HTTPS address over HTTP.

Access public Wi-Fi using a VPN

When working remotely, it's important to use a VPN to access public Wi-Fi. That's because these networks may not always have the most robust security and could provide access for attackers.

Use the right security technology

All of the above can help reduce the chances of a ransomware attack. Unfortunately though, a cybercriminal only needs one employee to fall for one email – and they can lock down your entire organisation.

Only intelligent anti-phishing solutions such as Egress Defend can prevent ransomware at the delivery stage and stop it from landing in your employee’s inbox in the first place.

Stop phishing to stop ransomware

With the right anti-phishing tools in place and users who understand the role they need to play in preventing ransomware, you can protect your business. Using technology shaped and influenced by GCHQ (the UK government’s intelligence and security agency), Egress Defend works to stop ransomware at the delivery stage of the 'kill chain.'

It uses advanced machine learning and natural language processing capabilities to understand both the content and context of every email. This allows Defend to flag any signs of phishing in real time, and explain to employees why the email has been blocked and marked as suspicious. 

Phishing emails exploit human weaknesses, and they're getting more advanced at doing so. If a user can begin to understand why an email might be suspicious, it empowers them to make good decisions in the future. All of this can help stop ransomware in its tracks.

The best thing you can do to stop ransomware is to prevent it from reaching a machine on your business network. That can be done through employee education alongside intelligent security software such as Egress Defend.

You can learn more about the dangers of phishing, as well as how to keep your business safe, in our dedicated information hub. Or if you’re ready to give Defend a try for yourself, you can request a no-strings-attached demo here.

FAQ

What is ransomware in simple words?

Ransomware is extortion software that locks a user out of their computer. A ransom is then demanded to give access back to files, databases, and sensitive customer information. Once ransomware is on one computer, it can spread to other devices in a business network.

What are some well-known ransomware attacks?

Perhaps the most recent well-publicised story was the Colonial Pipeline attack. That’s where the company paid a reported $4.4m (£3.2m) to hackers to regain access to its systems — but there have been other high-profile cases, including the WannaCry ransomware attack on the NHS. This attack is said to have cost the health service £92m with 19,000 cancelled appointments.

What are the top cyber security threats in 2021?

Phishing and ransomware are some of the biggest threats in 2021, with attacks growing the last year thanks to a rise in crime-as-a-service. Businesses should also look out for other social engineering attacks alongside data leakage and insider threats.