
Business Ransomware Attacks Skyrocket

October 17, 2019

George Whitten,
Insurance Advisor

More than three years have passed since the FBI last issued a warning about ransomware. This month, responding to a sharp spike in the cost of such attacks, it put out a fresh alert about ransomware attacks across all sectors.

“Ransomware attacks are becoming more targeted, sophisticated, and costly,” FBI officials warned.

The agency’s alert came shortly after antivirus firm Malwarebytes reported a “shocking” 363 percent year-over-year increase, in the second quarter, in ransomware attacks targeting clients running its business software.

Ransomware is a form of malware that encrypts files on a victim’s computer or server, making them unusable. Cyber criminals demand a ransom in exchange for providing a key to decrypt the victim’s files.

Although state and local governments have been particularly visible targets for ransomware attacks, “ransomware actors” have also targeted health care organizations, manufacturers, and those in the transportation sector, the FBI said.

Among other all-too-familiar approaches, hackers have been using phishing campaigns, in which they send an email containing a malicious link that enables them to spread malware across an organization. They’ve also relied on “brute-force” methods to gain access to a company’s computer systems, using a trial-and-error approach to find logins, and will often try to take advantage of weaknesses in software security programs.

In its alert, the FBI said it does not advocate paying a ransom, in part because doing so does not guarantee an organization will regain access to its data.

In some cases, victims who paid a ransom were never provided with decryption keys. In addition, due to flaws in the encryption algorithms of certain malware variants, victims may not be able to recover some or all of their data even with a valid decryption key.

“Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals,” the FBI said.

Whether you pay or not, it’s important to report ransomware attacks to law enforcement. Doing so provides investigators with the critical information they need to track ransomware attackers and prevent future attacks.

Cyber Defense Best Practices

Although it noted that even the most robust prevention controls “are no guarantee against exploitation,” the FBI did offer a list of recommendations to help prevent ransomware attacks. It suggested that companies:

  • Regularly back up data and verify its integrity. Ensure backups are not connected to the computers and networks they are backing up. For example, physically store them offline. Backups are critical in ransomware; if you are infected, backups may be the best way to recover your critical data.
  • Focus on awareness and training. Since end users are targeted, employees should be made aware of the threat of ransomware and how it is delivered, and trained on information security principles and techniques.
  • Ensure anti-virus and anti-malware solutions are set to automatically update and that regular scans are conducted.
  • Implement the least privilege for file, directory, and network share permissions. If a user only needs to read specific files, they should not have write-access to those files, directories, or shares. Configure access controls with least privilege in mind.
  • Employ best practices for use of Remote Desktop Protocol, including auditing your network for systems using RDP, closing unused RDP ports, applying two-factor authentication wherever possible, and logging RDP login attempts.

There’s more to this list that you can read here.

We’d also suggest reading this: 7 Ways Cyber Insurance Policies Can Help You Respond to a Data Breach

George Whitten is an Insurance Advisor at CCIG. Reach him at George.Whitten@thinkccig.com or at 720-330-7940.

CCIG is a Denver-area insurance, employee benefits and surety brokerage with clients nationwide. We do more than make sure you have the right policy. We help you manage your long-term cost of insurance with our risk and claims management expertise and a commitment to service excellence.

 
