Cindi Carter, Field CISO Americas, Check Point Software
Ransomware attacks are increasing in frequency, ferocity and brutality. In 2021, 37% of global organizations fell victim to a ransomware attack. In 2022, that number soared to 66%, hinting at the exceptionally aggressive tactics employed by attackers and the catastrophic consequences that are draining business resources.
Ransomware attackers deliberately destroy systems for their own gain. Ransomware can result in data compromise, loss of revenue, executive turnover and other disruptive and disheartening business outcomes.
Defeating and preventing ransomware starts with understanding it. Learning about how it works can help you and your teams put the strongest safeguards in place.
It pays to prevent ransomware
The average ransomware attack costs organizations $4.62 million dollars. Regardless of what your organization expects to pay in ransomware remediation, there are typically hidden fees, such as the opportunity costs associated with diverting IT resources away from other activities, and loss of client trust, leading to limited revenue.
How to prevent ransomware
Preventing ransomware isn’t easy, but the following steps can help.
1. It can be challenging to stay organized when it comes to patching all vulnerabilities that can lead to security issues. Vulnerability scanners and advanced network security can help organizations get patch management under control.
2. Have an immutable copy of your data (or multiple).
3. Prevent phishing attacks, as a large portion of ransomware attacks occur via phishing emails.
4. If your organization is going to pay a ransom, negotiate on the payment price. JBS Foods negotiated a $22.5 million ransom payment down to $11 million.
5. Take resilience to the next level. Create a cyber security strategy that focuses on prevention. Many organizations focus on detect, respond and recover, and in order to protect from ransomware – we need to protect. Going beyond resilience to anti-fragile means that we need to bounce back stronger, better than we were before a security incident occurred.
6. Continually educate your end-users. Increase security awareness among employees and equip them with the necessary knowledge and tools to protect your business from a cyber attack.
7. Make sure that firewall policies aren’t just out of box. Ensure that passwords are unique, and that the configuration corresponds to the needs of your business.
8. Harden your systems and your users in terms of software development processes.
9. DevOps has been around for a very long time. Make sure that you’re doing DevSecOps: Look left. Shift left at the very beginning of the development lifecycle to build security into the platform. Ensure that your code is written in a secure manner. Educate your software developers on what an SQL injection looks like, on how to write secure code, and on how to scan their code while they’re developing.
More helpful ransomware prevention tips
Take a multi-layered approach to ransomware prevention.
The architecture matters. Understand your data flow. Understand where your data comes from, where it’s going to, and who has access to it. What type of data is it? Is it protected health data (PHI) or is it personally identifiable (PII)? What type of access is necessary at any point in the data journey?
Really do the data flow modeling so that as you’re moving applications or email collaboration and such to the cloud, you’re making sure that you have all of the preventative measures around it. Cloud is a shared responsibility between you and the provider.
Review the concept of anti-fragile in greater depth so that you can not only bolster, but come out stronger from disorder. Anti-fragile: Things That Gain From Disorder.
For more ransomware prevention insights, see CyberTalk.org’s past coverage. Lastly, to receive more timely cyber security news, top-tier reports and cutting-edge analyses, please sign up for the cybertalk.org newsletter.