How can businesses best mitigate against ransomware threats?
![](https://cdn.shortpixel.ai/spai/q_lossy+ret_img+to_auto/www.wilsonsmedia.com/wp-content/uploads/2024/06/how-can-businesses-best-mitigate-against-ransomware-threats.jpg)
![](https://cdn.shortpixel.ai/spai/q_lossy+ret_img+to_auto/i0.wp.com/cdn.mos.cms.futurecdn.net/S2k99RTyJJhGbDwQRHUsyg-1200-80.jpg?w=640&ssl=1)
Ransomware casts a long shadow in today’s digital landscape, threatening businesses of all sizes with data paralysis, operational interruption, reputational damage and severe financial repercussions. The problem is particularly serious for mid-market organizations, with over half (57%) admitting they don’t regularly review and replace legacy systems, and a similar number (57%) failing to patch their systems regularly.
These security gaps create a wider attack surface and additional vulnerabilities that cybercriminals are eager to exploit. Thankfully, with a deeper understanding of ransomware and proactive cybersecurity measures, businesses can significantly bolster their defences, and reduce the overall risk of data loss.
How does ransomware work?
Ransomware is a malicious software program designed to encrypt a victim’s critical data, essentially locking them out of their own files. Attackers will demand a ransom payment in exchange for the decryption key, creating a huge dilemma for businesses. Either pay the ransom, and risk emboldening cybercriminals, or lose access to essential data, halting operations, exposing customers to unnecessary risk and creating significant regulatory and financial headaches.
There are several methods that attackers may employ in an attempt to gain access to a victim’s network. Phishing, and the rise of spear-phishing, looks to target employees with emails containing suspicious attachments or links that, when clicked, can eventually download malware onto a device. It’s reported that 91% of all cyberattacks begin with a phishing email, and 32% of all successful breaches involve the use of phishing techniques. Exploiting known software vulnerabilities and abuse of trust attacks are additional methods employed by attackers to gain entry into business systems. In addition, ransomware operators will also look to identify your backup solutions and will either delete or encrypt these to ensure businesses cannot quickly recover and therefore avoid payment of the ransom.
Security & Compliance Product Director, Advania.
The evolving threat landscape: New tactics and targets
The cybersecurity threat landscape is constantly evolving. In 2024, both businesses and individuals must be aware of novel and emerging threats, including the risks posed by new ransomware groups. Attracted by the lucrative nature of ransomware, these groups seek innovative ways to gain access to the systems that are crucial in maintaining day-to-day business operations .
This lucrative nature can be exemplified by recent data which shows payments from ransomware victims exceeded $1bn last year – a record high. And that’s just for the cryptocurrency wallets forensics analysts were able to track. While authorities work together to take down the most prolific groups (such as the recent takedown of LockBit), these victories are often temporary, with new operators quickly filling the void.
Furthermore, attackers are shifting tactics. While data encryption remains a common method, some ransomware variants now steal data and threaten to expose it on the dark web, creating a double extortion threat. Malicious QR codes, a new variant called “Quishing,” are emerging as another potential entry point. Due to shifting tactics, user vigilance is paramount.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The focus is also shifting towards smaller businesses. BlackCat and Lockbit are two ransomware groups specifically targeting SMBs, particularly in growing economies. SMBs often lack the dedicated resources for robust cybersecurity, making them more vulnerable.
Building a fortified defense: Strategies for businesses of all sizes
While there’s no foolproof way to prevent ransomware attacks entirely, businesses can take proactive steps to significantly reduce their risk and limit the impact if an attack occurs. Cloud security solutions can be a powerful ally in this fight.
Building a strong defense against ransomware requires a layered approach. The cornerstone of this defense is a robust backup strategy. Regularly backing up critical data to a secure, offsite location, ideally managed by security professionals in the cloud, provides a safety net in case of an attack. Cloud backups are geographically separate from on-premise infrastructure, offering an extra layer of protection against ransomware targeting local systems. However, backups are only useful if they function correctly. Regular testing and training your team on the restoration process ensures a swift recovery if a ransomware attack disrupts your operations.
Beyond backups, minimizing your attack surface is crucial. This involves security hygiene practices that reduce potential entry points for attackers. Educating employees through regular security awareness training equips them to identify phishing attempts, a common tactic used to deploy ransomware. IBM’s ‘Cost of a Data Breach’ report, suggests that employee training is a particularly effective mitigator against data breaches saving organizations at least $232,867 per attack.
Regularly reviewing and tightening access controls for applications, networks, systems, and data helps minimize potential damage. The principle of least privilege should be followed, granting users only the access they need for their job functions. Taking advantage of built-in security features on devices and operating systems, such as firewalls, malware detection, and automatic updates, further strengthens your defenses. Reputable cybersecurity resources can provide easily digestible, jargon free guidance on establishing best practices for different systems. By implementing these measures, businesses can significantly reduce their vulnerability to ransomware attacks.
Cloud’s role in the fight against ransomware
Cloud security services provide additional layers of defense against ransomware. These services can continuously monitor your network activity for suspicious behavior, acting as a vigilant guard that utilizes the power of cloud infrastructure to identify and block potential threats before they can cause damage. Furthermore, cloud providers typically encrypt your data both at rest and in transit, adding an extra shield against unauthorized access. Disaster recovery services offered by cloud providers can also ensure business continuity by minimizing downtime in the event of an attack. Finally, segmenting your network using zero trust principles acts as a series of walls within your digital castle, containing a ransomware attack to the specific compromised segment and preventing it from spreading throughout your entire network.
By understanding how these attacks work and adopting a proactive approach, you can significantly bolster your defences. Regular backups, preferably stored securely in the cloud, are the cornerstone of any ransomware defence strategy. Cloud solutions offer additional benefits like continuous monitoring, data encryption, and disaster recovery capabilities.
However, defence goes beyond technology. Implementing security hygiene practices like employee training and strong access controls significantly reduces your attack surface. Leveraging built-in security features and multi-factor authentication further strengthens your posture. Remember, ransomware is constantly evolving, so staying informed about the latest threats and updating your defences regularly is crucial. By taking these simple steps, you can transform your business from a vulnerable target and be prepared for and mitigate against ransomware attacks.
We feature the best cloud antivirus.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Ransomware casts a long shadow in today’s digital landscape, threatening businesses of all sizes with data paralysis, operational interruption, reputational damage and severe financial repercussions. The problem is particularly serious for mid-market organizations, with over half (57%) admitting they don’t regularly review and replace legacy systems, and a similar number…
Recent Posts
- How can businesses best mitigate against ransomware threats?
- These amazing projectors deliver incredible images and stunning sound
- ‘One of the wildest claims ever heard’: Finnish startup says it can speed up any CPU by 100x using a tiny piece of hardware with no recoding — and it might just be true
- Motorola teases new foldable Razr phones – here’s what to expect
- Blink’s new Moments tool stitches camera footage together into a single video
Archives
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011