What is Ransomware as a Service (RaaS) & Why Is It So Dangerous?

There are several drivers behind the dramatic increase in ransomware attacks over the last year. One of them is that a majority of victims pay the ransom. Another is that many companies still do not practice basic cybersecurity hygiene consistently.

Without managed IT security in place, companies can miss important safeguards to prevent fileless attacks, cloud account takeovers and sophisticated malware attacks. 

Security professionals have found that the biggest driver of the growth of ransomware is a new model called Ransomware as a Service (RaaS), created by large criminal organizations and state-sponsored hacking groups.

Ransomware as a Service now accounts for nearly two-thirds of all ransomware attacks.

What is RaaS?

Ransomware as a Service was born out of the profitability of ransomware attacks. This form of malware has become very lucrative and easier for hackers to monetize than something like spyware or a virus.

For example, if a hacker infects a system with spyware, they must then spend time sifting through the stolen information. Then they list that information on the Dark Web for sale. They don't see a payout until it is sold.

In the case of ransomware, attacks are so devastating that companies often pay up in just a few days. This results in a sharp increase in ransom demands. 

The current average ransom paid after an attack is $136,576.

Little work is needed to monetize the attack because the payoff comes directly from the victim.

Criminal groups looking to further expand on the profitability of ransomware have now created a model that works a lot like Software as a Service (SaaS).

Ransomware as a Service is a platform that wannabe criminals can use to purchase pre-built ransomware attack kits that contain all of the components that they need (as well as instructions).

RaaS offerings include things like:

  • Ransomware code
  • Phishing emails
  • Phishing sites
  • Step-by-step guides
  • Help forums
  • 24/7 customer support
  • User rating systems for different types of ransomware bundles

RaaS has increased the number of attackers looking for a score on small, medium and large businesses by making it easy for anyone to launch an attack.

Users can pay as little as $40 per month to get started on a RaaS platform and there are several different pricing structures that they can use. Some include profit-sharing of the ransom and others are a flat rate.

Why RaaS is So Dangerous

RaaS is very dangerous because it has now become a major business model for large criminal groups, and it means millions of dollars for both the attackers and the service providers.

This new service model makes it possible for novices and anyone wanting to “get rich quick” to conduct a ransomware attack. This exponentially increases the number of people conducting these attacks and the number of attacks that businesses have coming their way.

It is critical to protect your technology infrastructure from ransomware attacks as well as other online threats.

Tips for Protecting Your Company from Ransomware

A combination of preparedness and good cybersecurity hygiene is needed to ensure that you don’t become a ransomware victim. Here are some of the most critical components to include in your IT security plan.

Ongoing Patch & Update Management

Keeping all operating systems and software patched and updated is an important best practice. Ransomware can often get into a network by exploiting a vulnerability in software or OS code.

Keep your systems regularly patched and updated on an automated schedule. One great way to do this is through managed IT services.

Use Multi-Factor Authentication for All Accounts

Ransomware can attack cloud accounts just as easily as on-premises devices. One of the best ways to keep your cloud accounts from being hacked is to protect them with multi-factor authentication. 

Back-Up All Data & Test Your Backups Regularly

Companies often have a backup of their data but have never tested it. When a ransomware attack occurs, they are not sure how fast restoration will be, so they make a quick judgment call to pay the ransom instead, hoping that it will be faster.

Along with backing up all your data, you should regularly run through the data restoration process to ensure that it is optimized and that your team can react quickly if needed. This will save you from needing to make that decision on whether or not to pay the ransom.

Conduct Ongoing User Phishing Awareness Training

Phishing remains the #1 conduit for all types of malware (including ransomware). By improving your users’ detection skills, you can significantly reduce your risk of a breach.

Conduct regular phishing training and simulated drills to hone your users’ skills.

Put IT Security Best Practices in Place

It is important to have a foundation of best practices for your cybersecurity strategy.

This includes items like the following:

  • Advanced antivirus/anti-malware
  • DNS filtering
  • Email spam/phishing filtering
  • Zero-trust strategies, such as application ring-fencing and safe-listing
  • VPN for remote teams
  • Ongoing network threat monitoring

Schedule a Security Checkup Today!

Don’t stay in the dark about your defenses against ransomware. Sound Computers can provide your Connecticut business with a full security checkup to let you know where you stand.

Contact us today to schedule a free consultation. Call 860-577-8060 or reach us online.

September 7, 2021
Sound Computers Admin