Regularly updating software and constantly monitoring what happens within the company network are just some of the suggestions for steering clear of cyber attacks contained in the Cisco guide published on the occasion of European Cyber Security Month in October 2022.
Ransomware is a malicious program that encrypts the victim’s data. To regain access to the encrypted data, the victim is asked for a ransom, which can vary from a few hundred to millions of euros, often in untraceable cryptocurrencies. Once the ransom is paid, the hacker sends a decryption key that allows you to restore access to the data.
There are four main methods through which ransomware attacks occur:
- phishing via email: fraudulent communications that appear to come from a reliable source;
- malvertising: advertisements which, once clicked, install malicious software on the user’s device;
- social engineering, which induces the user to “trust” the hacker and carry out compromising actions;
- exploit kits: programs, or parts of code, designed to find and exploit a security flaw or vulnerability in an application or computer system.
Other techniques are used to increase the earning potential. For example, attackers compromise backup systems so that administrators cannot use them to restore encrypted data. Defending against ransomware is a continuous challenge because the sector is constantly and rapidly evolving: increasingly sophisticated types of attacks, new groups of cyber criminals, and new technologies such as Ransomware-as-a-Service (RaaS), a ready-to-use solution that also allows criminal groups without particular IT skills to “rent” the malicious software and concentrate only on choosing the victim to attack.
It is often thought that the only way to restore data is to pay, but is it really the right choice? Security experts strongly advise against payment.
First of all, refusing to pay helps stop the attack cycle: an attacker who receives payment will undoubtedly be more motivated to target the same company, knowing that it will most likely pay again. Secondly, paying does not mean that your data will be automatically restored or that sensitive information will not be disclosed to other criminals.
How To Avoid The Risk Of Being Infected
However, some cyber hygiene practices give you greater IT security and keep the risk of being affected at bay. Let’s see them.
- Prevent infiltration. Most ransomware attacks occur via a malicious email attachment or download. However, you can block suspicious websites, emails, and extensions through a layered protection approach and a secure, company-approved file-sharing program.
- Keep company network activities under control. It is essential to be able to see what is happening within the company network: only in this way is it possible to discover suspicious activities and attack attempts. The only way is to choose a cybersecurity solution that brings together, in one place, all the information, the analytics, and the ability to respond quickly to an attack. It is also essential to keep an accurate and up-to-date inventory of your computer resources: older and forgotten machines often provide a gateway for attackers.
- Know the enemy through threat intelligence. It is highly recommended that you stay informed about the latest risks and defensive tactics, have a solid incident response plan in place, and be able to handle unexpected threats.
- Regularly update the software used. Constantly checking and applying the latest updates is strongly recommended. Hackers are always on the lookout for unpatched software – using an updated program is one of the most effective ways to avoid an attack.
- Take advantage of backups. Always back up your data so that it can be recovered in case of an emergency. Store backups offline so cybercriminals can’t find them. Develop a data recovery plan that can help achieve large-scale recovery while ensuring business continuity.
- Beware of human error. Sharing knowledge on IT security is everyone’s duty: employees, collaborators, and managers must be familiar with good protection practices, be informed about the importance of changing and guarding passwords well, and know how to recognize a phishing email and what to do if they receive a suspicious communication.