The rise of ransomware - what you can do to protect yourself

The rise of ransomware – what you can do to protect yourself

  • SSS GRC Team
  • May 24, 2021

With the rise of ransomware, it seems that weekly we read in the media about a cybersecurity breach or cyber attack, with several prominent New Zealand organisations targeted in recent months. CERT NZ reports that in 2020, New Zealand organisations and individuals suffered financial losses of almost $17m based on 14% of reports made to them.

Cyber attackers aren’t picky – any organisation in any industry could be at risk with cyber attackers often looking for the easiest way to gain access. Although still early in the investigation, it is believed that attackers targeted Waikato DHB in May 2021 using a malicious email attachment resulting in significant impact to the organisation, staff, and patients.

Sophos recently published their whitepaper “State of Ransomware 2021“. One of their findings listed in the report is that internationally only 8% of all people who paid a ransom received all their data back.

With the rise of ransomware attacks, it is a good time to look at what you can do to help mitigate the risk and better protect yourself.

Oftentimes, the reality for many victims is that the day you become aware of the attack is not necessarily the first time criminals gained access to your systems – they may have been present for a while.

Train your staff to help you defend against cyber attackers

Over the last couple of decades, tools have been developed which make it difficult for criminals to access your systems directly. This forces them to change their modus operandi, and for some time now the easiest way to break in is to trick your staff into performing an action of sort (such as clicking a link, opening an attachment, inserting a USB device, and others). Even with the best processes and tools in place, attackers will find success by actively targeting unsuspecting staff.

At SSS, we believe that training all your staff on how criminals may try to trick them to perform an action provides the best value for money to help protect you beginning at the front line. There is a misconception that cybersecurity and issues like ransomware are only limited to your technical staff, when in reality any staff with access to a computer and your network could become a victim. In the case of the Waikato DHB it is suspected that the attackers launched the attack via an email with a malicious attachment. Whilst emails were once poorly written and easy to identify, these criminals have become more sophisticated, vastly improving their written language and ability to make fake emails look legitimate.

We offer effective and proven security awareness training tailored to your organisation. We recognise that users of technology are experts in their own field, and not necessarily technologists, therefore we ensure our messaging is understood by all staff regardless their technical background and experience.

Read More

There are some important things that the experts recommend you can do right now to help you mitigate malware and ransomware attacks

The UK National Cyber Security Centre provides some important information and tips on how you can mitigate malware and ransomware attacks. They also provide some advice on what you can do if you have already been infected with malware.

Some of their advice include:

  • Performing regular backups.
  • Employing solutions to help you prevent malware from being delivered and spread to devices which include controls such as multi factor authentication and using a robust VPN for remote access to services.
  • Taking steps to prevent malware from running on devices.
  • Preparing yourself for an incident.

Additionally CERT NZ also recommends:

  • Updating your operating system and apps when new versions are available.
  • Installing antivirus and anti-ransomware software.
  • Installing a firewall.
  • Don’t enable macros in Microsoft Office.
  • Keeping your support contracts with your security solution providers up to date.

CERT NZ enables you to easily report cyber attacks and they often publish information on current attacks and vulnerabilities.

Speak to us if you need help

We can help you prepare for, as well as manage your incidents.

We offer a range of tools, services, and solutions that can help you and your staff better protect your organisation and your systems regardless of where you might be in your security journey.

Speak to us if you need help: email us on sales@sss.co.nz or contact us at 04 917 6670.

Sophos Intercept X is one of the most powerful tools to help you mitigate your risk

Intercept X includes anti-ransomware technology that detects malicious encryption processes and shuts them down before they can spread across your network.

Here are some of what Intercept X offers you:

  • Stop unknown threats – Deep learning AI in Intercept X excels at detecting and blocking malware even when it hasn’t been seen before.
  • Block ransomware – Intercept X includes advanced anti-ransomware capabilities that detect and block the malicious encryption processes used in ransomware attacks. Files that have been encrypted will be rolled back to a safe state, minimising any impact to business productivity.
  • Prevent exploits – Anti-exploit technology stops the exploit techniques that attackers rely on to compromise devices, steal credentials and distribute malware.
  • Layered defences – The combination of modern and traditional techniques reduces the attack surface and provides the best defence-in-depth.
  • Synchronised security – The suite of Sophos tools is designed to work extremely well together – a well oiled machine.

With Sophos the cost of recovering from ransomware is a lot less than with some of the other available solutions. Sophos also offers advanced cleanup as part of your subscription.

If you would like to see a demo, or find out more if Sophos Intercept X is right for you, contact us on 04 917 6670 or sales@sss.co.nz