01 4975859 ​​conor@ryanandcrowley.com
Ryan & Crowley Chartered Accountants
  • Home
  • Who We Are
  • Services
  • Clients
  • Budget 2023
  • Latest News
  • Contact
  • Business to Business

    Providing Step by Step Guidance

    Get in touch for your free consulation today

    Contact Us
  • Diversity

    Hands On, Client focused approach

    Get in touch for your free consulation today

    Contact Us
  • Over 30 Years Experience

    Insight into all aspects and types of business

    Get in touch for your free consulation today

    Contact Us

RANSOMWARE - THE CRITICAL CYBER THREAT TO GLOBAL BUSINESSES IN 2021

28/7/2021

0 Comments

 
Picture
Ransomware extortion has rapidly become the key cyber threat to organisations globally. Organisations’ increasing reliance on digital services and interconnected business, IT and operational systems has led to rising profitability of cybercrime and ever more advanced cybercriminal tactics. In the past year, the COVID-19 pandemic has heightened such threats. This has encouraged advanced cybercriminal groups to deviate from traditional cybercrime and fraud in favour of ransomware extortion and is also driving less technically capable cybercriminals to adopt such methods.
The financial impact of ransomware on business can be crippling; some estimates place the total annual cost of attacks globally, including ransom payments and remediation costs, at approximately USD 170 billion. The average cost of a ransomware attack in the UK in 2019, was £800,000. Operational downtime, out-of-hours and stretched resources, ransom payments, third party support and system rebuilds all make such incidents costly to remediate.

Encrypting, stealing, and threatening to leak data is no longer the only extortion method used by ransomware groups. Over the past five months, we have observed an increase in ransomware and other cybercriminal groups using alternative extortion techniques to coerce victims to pay. These range from extortive and disruptive distributed denial of service (DDoS) attacks, to extortive data-wiping attacks, to claims to have planted backdoors in software products, to auctioning or selling stolen data to the highest bidder. Ransomware groups can apply all of these techniques without the need to encrypt victims’ data.

The re-emergence of these alternative techniques demonstrates that cybercriminals are becoming increasingly aggressive in their extortive attacks. In 2021, we expect ransomware groups to continue exploring new and increasingly disruptive methods of extortion. This will almost certainly include the use of emerging technologies, such as deepfakes, which will further enable less skilled cybercriminals to extort businesses, executives, and individuals.

For cybercriminals, there remains a constant trade-off between profits and security against law enforcement and rival groups. For organisations, mitigation measures – built on proactive, threat-led cyber security solutions and well-rehearsed and realistic ransomware crisis scenarios – can prevent increasingly capable ransomware groups from forcing your business into a situation where a ransom payment is an enticing option.

To protect your organizations and assets from ransomware, apply the following nine tips:
  1. ​Back up your company's data regularly. If something goes wrong, you should be able to quickly and easily revert to a recent backup. This won't protect you from being the target of an attack. But if you're ever attacked, the fallout won't be nearly as devastating.
  2. Keep software updated. Ransomware attackers sometimes find an entry point within software by exploiting any vulnerabilities. Fortunately, some developers actively search for new vulnerabilities and patch them.
  3. Use better threat detection. Most ransomware attacks can be detected and resolved before it's too late. To maximize your chances of protection, have an automated threat detection system in place.
  4. Adopt multi-factor authentication which forces users to verify their identities in multiple ways before they're granted access to a system. If an employee's password is ever leaked to a criminal, the attacker won't be able to gain easy access to your systems.
  5. Use the principle of least privilege. Employees should never have more access to data than they truly need. Segmenting your organization and restricting access can provide a kind of quarantine effect, minimizing the impact of a potential attack and limiting the vectors of access.
  6. Scan and monitor emails and file activity. Emails are the default choice of cybercriminals running phishing schemes. Scan and monitor emails on an ongoing basis, and consider deploying an automated email security solution to block malicious emails from reaching users. Also, consider scanning and monitoring file activity.
  7. Improve employee training. Most ransomware attacks are the byproduct of bad employee habits or pure ignorance. Someone may voluntarily give out their password or download an unfamiliar file. With better employee training, the chances of this happening are much lower.
  8. Don't pay the ransom. If your organization happens to be the victim of a ransomware attack, don't pay the ransom. It might seem tempting to get out of this bad situation as quickly as possible. But even after paying the ransom, there's no guarantee the attacker will be true to their word.
  9. Use anti-ransomware solutions. To achieve its objective, ransomware must perform certain anomalous actions, such as opening and encrypting large numbers of files. Protecting against ransomware that “slips through the cracks” requires a specialized security solution. Anti-ransomware solutions monitor programs running on a computer for suspicious behaviour commonly exhibited by ransomware. If these behaviours are detected, the program can stop any encryption before further damage is done.
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Archives

    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    July 2019
    June 2019
    May 2019
    April 2018
    March 2018
    December 2017
    July 2017
    May 2017
    April 2017
    March 2017
    February 2017
    October 2016

    Categories

    All
    Brexit
    Budget
    Business
    Company Law
    Covid 19
    Covid-19
    Customs
    Employment Law
    Energy Efficiency
    Export
    Finance
    Foreign Exchange
    Franchising
    Legal
    Offshore
    Revenue
    Tax
    VAT
    Working From Home

    RSS Feed

Picture
We create custom business to business strategies.

Over 30 years of experience
Privacy Policy | Cookie Policy

SITE MAP

About Us

Our Services

News

Budget 2019

Contact Us




CONTACT DETAILS

  • Unit 3A, Block 3,
    Bracken Business Pk, D18V4K6

  • 01 4975859
  • 01 4977782
  • conor@ryanandcrowley.com
  • ryanandcrowley.com

    QUICK CONTACT

Submit
© 2023 Ryan & Crowley Chartered Accountants
Powered by Create your own unique website with customizable templates.