Every year, a spate of new horror movies is released. Prime time TV ads tease you with scary imagery. Horror classics are rerun on many channels. Yet none of it seems as terrifying as the relentless onslaught of ransomware attacks.
These days, it seems the ransomware horror movie never ends, and the good guys don’t ever seem to win. The Global Threat Landscape Report from FortiGuard Labs lists statistic after statistic that curdles the blood and instills panic in IT personnel. Researchers summarized the situation as being a “clear and present danger regardless of industry or size.”
The report compared June of 2020 to June of 2021:
- Last year, weekly ransomware attacks averaged almost 15,000.
- This year, they rose to almost 150,000 (an increase of 1,000%).
- More than 30% of those in government, telecom, automotive, and managed security service providers (MSSP) experienced ransomware attacks in the past year.
- The average in other sectors is about 25%.
Further studies serve to ramp up the fear. A recent study by Cloudian found that 49% of ransomware victims had perimeter defenses in place. In other words, ransomware is coming for you and there is NOTHING YOU CAN DO… right?
Ransomware Prevention and Genghis Khan
It is somewhat strange that security firms tell us, on the one hand, that ransomware is everywhere and we are all powerless to stop it, yet on the other hand that we should deploy their tools to prevent it.
So, is an IT shop little more than a tiny village lying in the path of Genghis Khan’s ransomware hordes as they annihilate everything that stands against them? The lessons of history serve us well here. The advance of the Mongols was thwarted by little more than the building of walled cities. There is always something you can do.
Remember your IT history:
- Email scammers used to do quite well offering people millions to help with “financial transactions.” Awareness of the ploy has reduced its effectiveness considerably.
- Basic viruses were the bane of PCs in the nineties. That kind of attack no longer poses much of a threat, thanks to virus signatures in antivirus programs.
- A decade ago, trojans and other kinds of malware were the bane of IT. Again, almost all are routinely taken care of by scanners and signature-based tools.
In all likelihood, ransomware is just the latest hurdle that has to be overcome. It may take a year or more to bring it largely under control. But eventually, enough safeguards will be in place that ransomware will fall from the headlines, although it is likely to remain a threat that IT must stay alert to.
Best Practices to Prevent Ransomware Attacks
The moral of the story is that IT eventually finds a way to combat threats. Here are a few suggestions to prepare for ransomware incursions and minimize the potential for damage:
- Hire skilled security personnel or train existing IT staff on security via certifications.
- If necessary, bring in external help via consultants and MSSPs.
- Review patch management across the organization to ensure all priority patches are deployed.
- Scan for vulnerabilities and take remedial action on any issues detected.
- Add automation to areas such as patching, scanning, and security alerts to prevent overload.
- Review and implement data protection measures for backup and restore. Tools are now available to add ransomware protection to backups.
- Consolidate security and data protection apps onto fewer platforms.
With steps like these taken and other security measures diligently applied, the ransomware scourge can be kept at bay. And instead of the standard horror flick, where evil eventually triumphs, perhaps a different ending to the ransomware horror movie can be realized.