In this age of accelerated technological progress, ransomware is quickly evolving into one of the world’s most prominent cybersecurity threats. It is estimated that a ransomware attack is launched against any organisation, individual, or device every 11 seconds in 2021, and the frequency of such attacks is expected to only increase to one attack every two seconds by 2031. The rise in ransomware is primarily fuelled by how the rapid digitalisation of society allows cybercriminals to unleash attacks on a wider range of targets with greater ease and sophistication.
Singapore is by no means exempted from confronting the cybersecurity threat of ransomware; the Cyber Security Agency (CSA) reported that these malignant attacks surged up by a record-annihilating 154 per cent in 2020 alone from 2019’s 35 cases. Unfortunately, businesses can expect this trend to continue into 2022 and the years following it.
While present and future circumstances look dire, it is not too late for anyone to take the necessary steps to mitigate the risk of ransomware attacks. That said, let us explore the ways your organisation can safeguard its information and devices against these malevolent threats. But before we get into that, let us give you a clearer picture of what ransomware is precisely.
As its name suggests, ransomware is a type of malicious software (malware) designed to prevent or restrict access to a victim’s computer system, inclusive of its files, applications and database, until a sum of ransom money is surrendered. The most common type of ransomware attack, crypto ransomware, usually involves cybercriminals encrypting crucial files and data on infected systems to render them inaccessible to users. This is done to force users to pay the ransom in exchange for a decryption key, which is the simplest and cheapest mode of re-entry into their computer database or its specific contents. Other variants of ransomware attacks include lockers, double extortion ransomware, and ransomware as a service (RaaS).
Ransomware attacks are especially prevalent in today’s business world, as companies are likely to yield to paying ransoms to regain access to their data as quickly as possible. Companies’ frequent submission to such attacks is also warranted in light of the sheer costs they can incur; as the ransomware spreads across a company’s network and disrupts its various servers, this restricts personnel from accessing business data, thereby hindering business continuity and operations, and potentially snowballing into significant losses like impaired client relationships.
For small companies, particularly, the costs of a ransomware attack can be too much to bear. Even if they manage to recover their data, small businesses may suffer from bankruptcy due to ransomware attacks. In general, any cyber-attack, not just those which employ ransomware, can spawn disastrous outcomes for small enterprises. According to the US National Cyber Security Alliance, 60% of such companies go out of operation six months after facing a cyber-attack.
Cybercriminals often utilise ransomware in conjunction with social engineering techniques, most notably phishing, to infiltrate a victim’s computer system. Phishing occurs when cyber threat actors send malicious emails or Short Message Service (SMS) texts that appear to come from a reputable source to trick victims into handing over sensitive data or installing malware. During an organisation-targeted phishing attack, an employee may have accidentally downloaded ransomware by clicking on a suspicious email attachment or visiting an infected website.
Another tactic in the arsenal of cybercriminals is using scareware to distribute ransomware across an organisation’s network of devices. Scareware is also a social engineering scheme, and it consists of deceiving users to download malware while under the impression that they are installing security software.
In essence, when a user’s cybersecurity awareness and education is low, there is always a higher risk of falling prey to ransomware attacks. This is because, as mentioned, ransomware attacks depend on social engineering, which in turn leverages upon errors in human judgment to work. However, it is not just human error that makes one vulnerable to ransomware attacks. Using devices with outdated software and no cybersecurity installations can also increase an individual’s risk of becoming a ransomware attack’s victim.
Ransomware attacks on your organisation can be avoided, provided you follow these tips:
Ransomware often breaches a device when a user clicks on suspicious links in spam messages, emails, or unknown websites. The moment you open a link containing hidden ransomware, your device automatically downloads the malicious content, which then allows ill-intentioned hackers to either block you from accessing certain data files or lock you out of your device entirely. Hence, regardless of your curiosity, always ensure you do not click on unsafe links or suspicious email attachments.
Picking up a ‘free’ USB stick you happen to find lying around in some public place for your personal use can be enticing, especially when it feels as though you have saved money from not purchasing a new one. However, this is a massive cybersecurity red flag. Unknown USB flash drives and other storage media may contain ransomware, or any other type of malware, that can infect your system the moment you plug them into your computer port. Therefore, never connect storage media to your device if you do not know where they come from.
Regardless of the operating systems (OS) you use, regular software updates and security patches are necessary. It is more challenging for cybercriminals to exploit your system's vulnerabilities and attack it with ransomware when you have the latest security updates installed. Let us learn from the infamous 2017 WannaCry ransomware disaster; a main reason the ransomware could spread and cause damage as fast as it did was the failure of many corporations to install a critical Windows security update, even two months after its release. Hence, as much as possible, avoid using out-of-support OSes and keep all of your software up-to-date.
More often than not, it only takes one leaked credential to wreak havoc on your organisation’s system. For this reason, it is crucial that you allocate user privileges carefully, as well as educate your personnel on how to correctly manage and protect their privileged credentials. It would be best for users granted special access to sensitive organisational data to understand and follow stringent protocols on how to properly handle the responsibility given to them. Of course, training all your employees in cyber incident planning and response is just as important; an organisation is only as strong as its weakest link, after all.
Whether you are the CEO of a large corporation, or the owner of a small or medium-sized enterprise (SME), investing in cybersecurity solutions against numerous threats like ransomware is a must. Rather than reacting to cyber-attacks as they happen, it saves you and your organisation more resources in the long run to implement proactive cybersecurity measures which prioritise stamping out your system’s vulnerabilities before they can be exploited. Regular penetration testing services in Singapore are something you may want to consider – it involves testing your cyber defence structure for exploitable weaknesses via an authorised hacking simulation.
One of the most critical pieces of advice that every cybersecurity expert will tell you is to back up your data offline. Data backups are vital to mitigate the consequences of a ransomware attack. If you can quickly access your backup and resume business operations, you do not have to be as fearful of your company data being encrypted by a ransomware attack.
Prevention is better than cure, and this saying holds true when it comes to combatting ransomware. By maintaining a robust cybersecurity infrastructure and ensuring everyone stays vigilant, you can safeguard your company data from a ransomware attack.
At GROUP8, we understand the need for a solid cybersecurity system. This is why we offer a suite of industry-leading cybersecurity solutions, including CREST-certified penetration testing, phishing detection, and web application vulnerability scanning to protect your networks against the rising threat of ransomware. For those on the lookout for cybersecurity services in Singapore, do not hesitate to contact us at GROUP8 for our trusted and diverse range of solutions.