NotPetya proves that businesses around the world are not prepared for ransomware.
Ransomware attacks are nothing new, but as recent events have shown, their effectiveness and level of impact have grown. The fact that so many businesses in Russia, Ukraine and the US suffered disruption in operations, loss of business and reputation after the second attack in as many months shows that enterprises continue to lack proper precautions and practices for defending against and successfully responding to ransomware attacks.
Legal, healthcare and financial services enterprises are the most susceptible to ransomware attacks (and negative data security incidents generally). Case in point: a major Ukrainian bank, international law firm and US hospitals were the primary targets of the June 27 ransomware attack, in addition to a major Russian oil company. These types of businesses stand to lose the most, given the value of the customer information and IP they handle daily.
If you’ve been hit once, you’re more likely to be hit again, especially by ransomware and other malware variants. You should tally:
- Active and past attempts by hackers to infiltrate your network
- Past attempts at Distributed Denial-of-Service (DDOS) against you;
- Number of Viruses, malware, and ransomware threats introduced unintentionally through emails and browsers and compromised devices;
- Deliberate theft or sabotage of data or devices by employees;
- Accidental viewing or reception of confidential data by unauthorized parties
- Data loss through hardware or software failure or known bugs
to better understand your current risk. Reassess your risk often, as it will always change. Actual costs of a negative data incident can be difficult, but not impossible to quantify. What if 5 percent of your terminals are infected with ransomware? What if one is? A recent study by Deloitte shows that a single compromised laptop containing 2.8 million healthcare records is equivalent to about $1.7 billion in losses to an organization.
Development of “hard” cybersecurity tools
- Endpoint backup is the single most effective defense against ransomware attacks. It’s not a complicated solution, either. If an endpoint becomes infected with ransomware, simply roll it back to a stored previous version that predates the infection. Simple.
- Encryption and DRM are also critical in combatting ransomware. If your data is compromised, you want to know first that it’s encrypted and therefore initially unusable by attackers. Secondly, DRM can allow you to revoke all access to files remotely, further diminishing the likelihood that information will be valuable to attackers and that, although stolen, it won’t be leaked to malevolent parties.
- Understand how your Internet of Things and the number of vulnerabilities in your IoT are growing. Connected devices are coming to officers at an accelerated rate – internet-connected door locks, coffee machines, refrigerators, not to mention consumer devices employees use to access and edit corporate information. Do these devices support anti-malware and antivirus software? How easy are they to hack into? If you’re not 100 percent sure that a device can withstand attacks, then it shouldn’t be connected to your corporate network, even behind a firewall.
Development of “soft” cybersecurity tools
- Educating staff about Phishing and engraining in them that they should never click mysterious links or open unsecured attachments
- Ongoing education and training on the latest data security threats, how malware enters corporate systems, and so on
It’s a matter of “when” something goes wrong, not “if.” What’s your plan if ransomware strikes? How quickly and effectively can you roll back systems, if at all? How will you revoke access if a system is destroyed or lost? Which data takes precedence?
Protecting your business from ransomware isn’t rocket science. Starting with endpoint backup and encryption, remote wiping, DRM and employee training is half the battle. See how Vaultize covers these bases and more by scheduling a conversation with our team.
Read more about endpoint backup.
Vaultize is an innovative data security company that allows customers to track and control their documents from creation to deletion on any device, anywhere. From CYA to compliance, Vaultize provides data protection without restricting use. Vaultize’s platform utilizes DRM and encryption to secure any and every file, protect those files no matter where they travel, and provide visibility into who is accessing them and how they are being used. The Vaultize platform is nearly transparent to users, scalable and flexible to deploy. For more information, visit www.vaultize.com.