According to cybersecurity firm MonsterCloud, ransomware attacks, already rising before the pandemic struck, catapulted 800 percent during the covid-19 crisis. Experts suggest the jump was largely due to more people working from home where security networks weren’t as robust and protocols were not as strictly enforced.
Ransomware is a tactic by which criminals gain access to a device, such as a computer or laptop and implant a software bug that hijacks the device or network and holds the data therein hostage. As with cybercrime in general, ransomware is profitable. As Cybersecurity Ventures notes, cybercrime costs are expected to grow by 15 percent annually to reach $10.5 trillion by 2025. To put this into perspective, that would make cybercrime the third greatest “economy” in the world after the U.S. and China, the site reported.
Covid-19 has only fueled this growth, resulting in higher payoffs to get back stolen or compromised data. As theconversation.com reports, the average ransom payment has continued to climb, up 43 per cent from the last quarter of 2020 to an average of over $200,000.
The National Institute of Standards and Technology (NIST) recently drafted ransomware guidance for organizations with both onsite and remote employees. They include:
- Use antivirus software at all times. Set your software to automatically scan emails and flash drives.
- Keep computers fully patched. Run scheduled checks to keep everything up-to-date.
- Block access to ransomware sites. Use security products or services that block access to known ransomware sites.
- Allow only authorized apps. Configure operating systems or use third-party software to allow only authorized applications on computers.
- Restrict personally owned devices on work networks.
- Use standard user accounts versus accounts with administrative privileges whenever possible.
- Avoid using personal apps – such as email, chat and social media – from work computers.
- Beware of unknown sources. Don’t open files or click on links from unknown sources unless you first run an antivirus scan or look at links carefully.
- Develop and implement an incident recovery plan with defined roles and strategies for decision making. This can be part of a continuity of operations plan.
- Carefully plan, implement and test a data backup and restoration strategy and secure and isolate backups of important data.
- Maintain an up-to-date list of internal and external contacts for reporting ransomware attacks, including law enforcement.
- Use multi-factor authentication.
- Never leave devices unattended.
- Install antivirus/anti-malware protection
- Don't ever say, "It won't happen to me." Cybersecurity is everyone's responsibility. The best defense is to be vigilant and proactive.