Have you ever received a suspicious e-mail or message that asked for your password or personal details? Those kinds of messages are also known as phishing messages that use social engineering techniques.<\/p>\r\n\r\n\r\n\r\n
Clicking on those links, downloading those files, and entering your details on those suspicious sites can result in not just your personal data being stolen, but sensitive data from your company can also be affected.<\/p>\r\n\r\n\r\n\r\n
How is that possible? Because cybercriminals use those phishing messages to trick their targets into installing ransomware<\/strong> on their personal or company devices.<\/p>\r\n\r\n\r\n\r\n Ransomware is a type of malware (malicious software) that is designed to lock systems, files, or applications, preventing its user from accessing them. To regain access and prevent sensitive data from being leaked to the internet, users will have to pay a specific amount of \u2018ransom\u2019. Cybercriminals who use ransomware to attack their targets usually accept payments through wire transfers, credit card payments, or cryptocurrency.<\/p>\r\n\r\n\r\n\r\n However, even though ransomware itself has been around since 1989, the shift in working patterns ever since the COVID-19 pandemic has contributed to why ransomware attacks have been on the rise since 2020, as the Working From Home (WFH) policy has made it harder for companies to keep track of their corporate and employee devices, networks, and systems. This also explains why we have been getting lots of phishing messages lately.<\/p>\r\n\r\n\r\n\r\n Research<\/a>\u00a0 also found that 3.4 billion phishing e-mails are sent daily. Data from Statista<\/a>\u00a0also revealed that 2 out of 3 ransomware attacks are being carried out through phishing e-mails, and other sources of ransomware attacks include malicious file downloads and\/or online advertising that tricks people into getting infected by malware, or malvertising.<\/p>\r\n\r\n\r\n\r\n Nowadays, even people who don\u2019t have the specific skills or resources needed to launch a ransomware attack can easily attack with the availability of Ransomware as a Service (RaaS) on the dark web. With RaaS, ransomware developers can sell ransomware variants to all kinds of buyers, making ransomware an even more urgent problem in society.<\/p>\r\n\r\n\r\n\r\n In 2020, the US FBI\u2019s Internet Crime Complaint Center (IC3) reported that based on the cases reported to them, approximately $30 billion<\/a>\u00a0is the total amount of combined losses due to ransomware attacks. The 2022 Data Protection Trends Report<\/a>\u00a0by Veeam also found that out of the surveyed individuals and businesses, only 24% were not attacked by ransomware \u2014 or they were unaware of an attack, and only 16% were attacked once in 2021, while 60% were attacked twice or more.<\/p>\r\n\r\n\r\n\r\n Another factor that contributes to the rise of ransomware, in addition to the shifting working patterns, is the lack of proper cyber security training that companies give to their employees. Research by Statista<\/a> has found that in 33% of ransomware infection cases, the factor that contributed to the attack was the lack of training that the employees receive.<\/p>\r\n\r\n\r\n\r\n Over the past 2 years, there have been a lot of cases where giant companies get infected by ransomware. These are some of the notable cases:<\/p>\r\n\r\n\r\n\r\n Nvidia<\/strong><\/p>\r\n\r\n\r\n\r\n Nvidia, a manufacturer of Graphics Processing Units (GPUs), recently got their data stolen by ransomware group Lapsus$ on February 2022. The group claimed that they had stolen around 1TB of Nvidia\u2019s sensitive data. Nvidia has also confirmed that it has been hacked and that the hacker has leaked employee credentials and other information on the internet. Have I Been Pwned (HIBP), a data leak monitoring website reported that 71,000 Nvidia employees\u2019 credentials and passwords of their windows accounts have been stolen and shared on hacking forums.<\/p>\r\n\r\n\r\n\r\n University of California, San Fransisco<\/strong><\/p>\r\n\r\n\r\n\r\n The University of California, San Fransisco\u2019s School of Medicine\u2019s IT environment got attacked by The Netwalker Ransomware operators in June 2020. The attackers obtained some of the university\u2019s data and also made some of the School of Medicine servers inaccessible through malware that they launched. The university has confirmed that it paid approximately $1.14 million, to the attackers to unlock the encrypted data and get their data back.<\/p>\r\n\r\n\r\n\r\n Colonial Pipeline<\/strong><\/p>\r\n\r\n\r\n\r\n Colonial Pipeline, a pipeline operator in the US, experienced an attack on May 2021. The ransomware program that attacked the company was created by DarkSide. The hackers gained access to the company\u2019s shared internal drive, and the company has confirmed that it had paid the $5 million ransom to get the pipeline back up and running. The attack was caused by a breached employee password found on the dark web that was not protected by a Multi-Factor Authentication and not caused by a direct attack on the company\u2019s systems.<\/p>\r\n\r\n\r\n\r\n Quanta<\/strong><\/p>\r\n\r\n\r\n\r\n Quanta, Macbook\u2019s supplier, was attacked on April 2021 by ransomware group REvil. The attacker claimed to have stolen the blueprints for Apple\u2019s latest products at that time. REvil demanded $50 million ransom fee from both Quanta and Apple.<\/p>\r\n\r\n\r\n\r\n Accenture<\/strong><\/p>\r\n\r\n\r\n\r\n Accenture, a seattle IT consulting<\/a>, also became a victim of an attack carried out by ransomware group LockBit in August 2021. The group demanded $50 million for 6 TB of data from the company. According to VX Underground, which has a collection of malware source codes on the internet, stated that the attacker has released more than 2,000 files from Accenture to the dark web for some time. The files include case studies and presentations.<\/p>\r\n\r\n\r\n\r\n There are several things you can do to protect yourself from ransomware, these are some of them:<\/p>\r\n\r\n\r\n\r\n Regular backups<\/strong><\/p>\r\n\r\n\r\n\r\n We learned that ransomware attacks cause companies to lose access to their systems and data, so regularly backing up your data can help you ensure business continuity as you can always still restore your data. We recommend you invest in reliable backup software<\/a> instead of relying on manual backups. Veeam<\/a>\u00a0is a backup software that can help you by providing 100% ransomware-proof backups, and we can help to deploy Veeam for your enterprise.<\/p>\r\n\r\n\r\n\r\n Access control<\/strong><\/p>\r\n\r\n\r\n\r\n It\u2019s important to only give users access to the data that they need for their work so that monitoring can be done easier. We also recommend you always require Multi-Factor Authentication for users who want to access the company\u2019s systems or data, to prevent unwanted parties from gaining access.<\/p>\r\n\r\n\r\n\r\n Employee training<\/strong><\/p>\r\n\r\n\r\n\r\n We have learned from Colonial Pipeline\u2019s case that ransomware attacks can be carried out as a result of an employee\u2019s mistake or lack of security awareness. Companies can prevent this by regularly providing security training for their employees, and why is it important to always connect to the company\u2019s VPN, regularly check for software updates, use Multi-Factor Authentication, and beware of phishing messages.<\/p>\r\n\r\n\r\n\r\n Endpoint protection and monitoring<\/strong><\/p>\r\n\r\n\r\n\r\n Protecting and monitoring all your organization\u2019s endpoints is very important in preventing ransomware, but relying on manpower or having traditional Antivirus software may not be enough for this. We recommend you invest in endpoint protection software that can automatically detect and respond to threats before they infiltrate your corporate systems and networks. SentinelOne is an autonomous endpoint protection software that we offer and utilize here in Wowrack, and we can help you deploy it for your enterprise as well.<\/p>\r\n\r\n\r\n\r\n Read More: 3 IT Strategies to Combat Ransomware<\/a>\u00a0<\/p>\r\n\r\n\r\n\r\n How Wowrack Can Help<\/strong><\/p>\r\n\r\n\r\n\r\n Ransomware is a very urgent and crucial issue these days. Cybercriminals don\u2019t only target big corporations for their next ransomware attack. They can also attack end-users and\/or small and medium-sized companies.<\/p>\r\n\r\n\r\n\r\n However, protecting yourself and your company against ransomware doesn\u2019t have to be a complicated process. Your data security matters and we want to help prepare you so your business can continue to move forward in this era where cybersecurity is a top priority for everyone.<\/p>\r\n\r\n\r\n\r\n Wowrack Security Operation<\/a>\u00a0can help you prevent data loss and data breaches from ransomware by regularly monitoring your systems and networks for any compromised user. Wowrack Managed Services<\/a>\u00a0can also help you deploy Veeam<\/a>, a reliable backup software that can help you to recover all data quickly.<\/p>\r\n\r\n\r\n\r\n As mentioned previously, we also believe that protecting all your endpoints is important, and we can help you deploy SentinelOne for that. Moreover, with the growth of fake websites, we also think it is important for you and your employees to have a tool that can prevent you from clicking on suspicious links, and we can help you deploy Cisco Umbrella for that.<\/p>\r\n\r\n\r\n\r\nWhat is Ransomware?<\/strong><\/h2>\r\n\r\n\r\n\r\n
Ransomware Statistics and Trends<\/strong><\/h3>\r\n\r\n\r\n\r\n
Recent Ransomware Cases<\/strong><\/h3>\r\n\r\n\r\n\r\n
How You Can Protect Yourself from Ransomware<\/strong>?<\/h2>\r\n\r\n\r\n\r\n