3 min read

Pro tip for 2018: treat the ransomware threat like an imminent hard drive failure

Filip TRUȚĂ

January 26, 2018

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Pro tip for 2018: treat the ransomware threat like an imminent hard drive failure

With the General Data Protection Regulation knocking on everyone”s door, breaches will have to be taken more seriously than ever. At the same time, new data indicates that ransomware attacks are rising steeply, which means neither organizations nor regular users can afford to sit around with their arms crossed.

Ransomware attacks doubled in 2017, and were the primary driver of an overall increase in total incidents, according to the latest Cyber Incident & Breach Trends Report from the Online Trust Alliance.

Reported cyber incidents targeting businesses also nearly doubled (from 82,000 in 2016 to 159,700 in 2017). However, since many cyberattacks are never reported, the alliance believes the actual number could be much higher.

Attacks seeking ransom accounted for half of all reported incidents. These included malware-laced phishing attacks, malvertising, drive-by malware, and even a new form of ransomware combined with denial of service (RDoS), where the attacker threatens to attack via denial-of-service if ransom is not paid.

In any case, ransomware has become a massive problem. From the massive WannaCry and Petya/GoldenEye contagions in 2017 to the more recent highly-targeted attacks hitting healthcare providers one after another, everyone is now a blip on cybercrooks” radar.

Bitdefender predicts that ransomware will become more advanced and more sophisticated in 2018, potentially even using the GPU in your computer to speed up the encryption process. And ransomware-as-a-service platforms will make the threat even more accessible to one-off hackers, boosting the volume and complexity of ransomware samples to emerge this year.

But the real reason ransomware poses such a problem for everyone is its anatomy.

Why is ransomware so popular?

Ransomware is a highly efficient, highly lucrative form of malware. Three major drivers have propelled it to its sudden infamy:

  1. Ransomware can infect a computer through an array of attack vectors – from social engineering and spam to drive-by attacks, rigged popular applications, vulnerabilities, and malvertising – and render all data on that machine unusable.
  2. Until recently, you had to know code to hack someone; today, anyone can go to the Dark Web, buy the ransomware of their choosing, and attack.
  3. The anatomy of ransomware ensures that the damage produced is substantial while the attacker can remain completely anonymous, whether you pay him or not.

How to mitigate risk?

According to the same report, some 93 percent of all breaches could have been avoided had simple steps been taken. These can include:

  • regularly update software
  • block fake email messages using email authentication
  • train people to recognize phishing attacks
  • use browser-based scanning for malware
  • limit administrative access to data to contain the spread of an infection
  • use DDoS protection services to limit the impact of an attack

For large businesses, OTA makes the following recommendation:

“…since some organizations may determine that paying a ransom is the necessary course of action for a given incident, and Bitcoin is the most common form of payment request, it is recommended that organizations set up a Bitcoin wallet in advance. This type of proactive planning is not unlike establishing relationships in advance with crisis management firms, forensics specialists and law enforcement – it is easier to make logical, informed decisions during the calm than it is during the storm.”

However, most cybersecurity experts agree that victims should refrain from paying the ransom, as payment encourages criminals to strike again, and gives rise to new legions of hackers. Some law enforcement agencies advise the same.

At the same time, those same agencies (including the FBI) agree that sometimes the damage from lost data can be so large that it”s better to just pay and hope that the hackers stick to their end of the bargain – decrypt the data. But…

What if I don”t want to pay the ransom?

Since your data is inaccessible and unusable, getting infected with ransomware is the same as having your hard drive fail on you. And, make no mistake, hard drives do fail eventually!

“Viewing ransomware as an imminent hard drive failure points toward the simplest measure you can take: keep regular, offline backups of your important data,” says Bogdan Botezatu, senior e-threat analyst, Bitdefender. “This way, even if you get infected, you can always recover your important data, whether it”s photos of your cat, or millions of dollars” worth of intellectual property.”

For more peace of mind, use a trusted antivirus solution. Bitdefender offers ransomware protection that sniffs out suspicious behavior before you can make a mistake and get infected. It is particularly paranoid about the security of your Documents folder or any other folder you deem highly sensitive, but it also keeps a close check on all files on your system. For Mac users, Bitdefender offers Time Machine backup protection – to make sure ransomware and attackers can”t touch your backups.

tags


Author



Right now

Top posts

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read
What Is a VPN, How Does It Protect Me, and What Cool Perks Does it Offer?

What Is a VPN, How Does It Protect Me, and What Cool Perks Does it Offer?

September 23, 2021

2 min read
Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Tesla reverses "Full self-driving" beta update after sudden braking reports Tesla reverses "Full self-driving" beta update after sudden braking reports
Graham CLULEY

October 27, 2021

2 min read
Ukrainian Police Arrest Underground Darknet Group Laundering Cryptocurrency for Hackers Ukrainian Police Arrest Underground Darknet Group Laundering Cryptocurrency for Hackers
Silviu STAHIE

October 26, 2021

1 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
Filip TRUȚĂ

October 26, 2021

3 min read