Ransomware – how worried should you be?
Whether you’re an IT professional or a business manager/owner, you may by wondering what groups are most exposed. Most businesses foolishly believe that having never been attacked is proof their defences are robust enough or they aren’t a target. The truth is, there is actually no limit to who an attacker may target. While a large company may be able to pay a larger sum, a small company may have invested less in a strong defence. The methods of delivery for malicious software makes the target even less obvious. Not every attack is specifically targeted. Many as you’ll see below can be completely random and opportunistic. If we can comfortably assume that everyone is a potential victim, the next question is “what is it like to come under an attack?”
Some people would say that a ransomware attack is like arriving at work and all of the computers have been stolen. That’s close, but an attack is more akin to the computers being there but there is no electricity. Sure you have devices, but you can’t use them the way you want to. Now imagine that the power won’t come back on until you pay your attacker. You’d be angry, losing business, but without many viable choices. You’re now about as close as you can be to imagining the pain of a fully advanced, ransomware attack. The most alarming part with ransomware involves two different areas. First its many entry points. Secondly, that a first attack may only be a sign of worse to come.
You may guess the main entry channels such as email attachments or downloading infected files, but those methods are simple enough to avoid with proper user training. New delivery methods are so ingenious that even the most careful user can be caught out. Today, simply visiting a website can begin an attack. Mainstream publishers such as the New York Times, the BBC, even sports companies like the NFL have previously been affected. Attackers used these site’s advertising banners to infect their visitors. Again, the most careful user is now vulnerable to these “drive by” style attacks. Add to this the impact of a world BYO devices bringing infections into your network, or internal devices being taken offsite and bringing infections back into your environment. Even the most popular, and therefore common, office productivity tools have been shown to be vulnerable to ransomware attacks.
But the threat and outcomes of any initial attack are only the start of a problem. Should a piece of software make its way onto your network, you’ve sent a signal to any potential attacker about your vulnerability. Should you be forced to pay, you’ve also sent a signal regarding your willingness to pay and the value of your data.
So the world is a scary place, what do you do? Well the strategy is first a choice about whether you start from the back or the front. You’ll need both, but where does your greatest weakness lie? A strong back up strategy is essential. New forms of ransomware are slowly finding paths into backups in an effort to ensure a user must pay but they aren’t there yet. Alternatively, keeping the ransomware out to begin with may be your best bet. The most important message to repeat is that simply having not been attacked yet is not proof that your environment isn’t vulnerable. In order to be truly sure you should consider…Enter CTA specific to page mechanics and offers available.
Welcome to Cisco!
How can I help you?
Please take a minute to tell us about your experience using Cisco Marketplace platform.