It's one of the oldest attack methods, and it's getting more sophisticated. That's the narrative, at least. Turns out, it might not be entirely accurate.
Ransomware is the cybersecurity equivalent of a runaway freight train. Even though it's one of the oldest attack methods on the web, it's grown progressively more advanced, more prevalent, and more damaging and dangerous. All we can do is maintain backups and hope we don't end up in the crosshairs of a particularly sophisticated strain.
That's how the standard narrative goes, anyway. As is so often the case, what the media reports may not be entirely accurate. While it's true that successful ransomware attacks are on the rise, the reason is less that criminals have gotten more innovative than it is that security teams have gotten lazier.
"Whilst there has been an increase in the number of successful campaigns, it only points to the fact that security teams have been lax in taking adequate steps to secure their network assets," writes TechRadar Pro's Mayank Sharma. "That's the belief of Optiv Security, which goes as far as to suggest that the vast majority of companies who give in to their cyber-tormentor are victims of their own making. The company is of the opinion that most businesses find themselves in a “pay up or perish” position because of rampant cybersecurity malpractices that make them prone to ransomware attacks."
The thing is, Optive may not exactly be wrong. Pandemic aside, the past year and a half can best be described as a parade of egregious cybersecurity blunders. From Microsoft's failure to patch a major Exchange vulnerability for two months to the horrible mess with SolarWinds, even companies that should prioritize cybersecurity appear to be treating it as an afterthought.
In light of that, is it any wonder that ransomware, which still spreads primarily via phishing, is in the midst of a terrible renaissance? What's surprising is that we've not seen even worse. Some cynical part of us can't help but think that we will if we only give it a bit more time.
Regardless, while it's certainly true that there are highly sophisticated, highly advanced strains of ransomware in the wild, the likelihood that your business will be directly targeted by one is extremely slim. You're far likelier to be attacked by a hobbyist hacker or as part of a shotgun approach. With that in mind, we'd like to tie this piece off by reiterating our advice on defending your business against ransomware.
- Multiple, air-gapped, automated backups. As many as your business can support. That way, even if one backup is contaminated, you may have others still available.
- Mindfulness training. Teach your employees to recognize the red flags of a phishing scam and coach them in safe browsing practices.
- Email DLP/security. Ideally, you want to catch the majority of malicious emails before they end up in the inbox of your employees.
Ransomware is running rampant online. But it's not because of some explosive technological evolution or hacking collective. As is often the case, criminals choose the path of least resistance — and in this case, it's security teams not doing everything they should and executives not providing personnel with the necessary resources for effective security.