Facebook Twitter Instagram YouTube LinkedIn
    Facebook Twitter Instagram LinkedIn YouTube
    Trending
    • IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’
    • Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases
    • BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles
    • Security Automation Cuts Down Expenses and Saves Time for IT Teams
    • IBM Think 2022 – Embracing the Present, Preparing for the Future
    • A Game of Numbers: The Correlation Between Technology and Sports Betting
    • Software-based Enterprise Solutions for Navigating the “Too Much Information” Age
    • A Look At The Last Generation Of Internal Combustion Engines
    TechSpective
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    • Technology
      Featured
      March 1, 20216

      Could Home Study Be Better for Education? Using Technology to Craft a Better Tomorrow

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 15, 2022

      A Look At The Last Generation Of Internal Combustion Engines

    • Reviews
      Featured
      March 4, 20211

      Dell’s UltraSharp 40 – Improving Work and Workplaces with Monitor Innovations

      Recent
      April 7, 2022

      Dell’s Latitude 5430 Rugged – Redefining the Extremes of Mobile Computing

      October 12, 2021

      Innovating Home Video Conferencing: Dell’s New 27 Video Conferencing Monitor – S2722DZ

      September 22, 2021

      Review: Intrusion Shield

    • Podcasts
    • Security
      Featured
      March 7, 20212

      Pandemic Unmasks Vulnerability to Automated Bot Attacks

      Recent
      May 23, 2022

      IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’

      May 14, 2022

      Ransomware is Indiscriminatory – Prepare for Everything to Fail

      May 5, 2022

      Cybersecurity Myths that are Compromising Your Data and How to Address Them

    • Microsoft
      Featured
      September 12, 20201

      The Microsoft Surface Duo: The Communications Device for Those That Think Different

      Recent
      April 8, 2022

      AI and Why Windows 12 Could Be a Far Bigger Advance than Windows 95 Was

      October 11, 2021

      The Surface Laptop Studio: Building a Windows 11 Targeted Laptop

      August 28, 2021

      Why Microsoft’s Hardware Baseline for Windows 11 Is Important

    • News & Analysis
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 20, 2022

      IBM Think 2022 – Embracing the Present, Preparing for the Future

      May 14, 2022

      Apple vs. Dell: Choosing Which Company to Work For

    • Business
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      Security Automation Cuts Down Expenses and Saves Time for IT Teams

      May 18, 2022

      Software-based Enterprise Solutions for Navigating the “Too Much Information” Age

    TechSpective
    You are at:Home»Security»Ransomware»Ransomware is Rampant: Is Your Business Safe?
    ransomware cybersecurity ransomops
    Image from Pixabay

    Ransomware is Rampant: Is Your Business Safe?

    5
    By Kayleigh Bridges on January 6, 2022 Ransomware

    While a host of protective measures can limit the risk, outsourcing to an expert third party cybersecurity firm may be the safest option

    With ransomware attacks on high profile businesses like Colonial Pipeline and JBS Foods in the headlines, business managers are increasingly asking, “Are we vulnerable too?” or even “Are we next?”

    According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), “Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid.”

    Although there are various measures that businesses can take to reduce the risk of becoming a ransomware victim – which can involve a loss of data and production for an indefinite period until it is resolved – managers shaken by the scope of the problem are increasingly turning to expert third party cybersecurity firms for guidance and protection.

    Any Business a Potential Victim

    When Colonial Pipeline was targeted by the DarkSide gang in a ransomware attack this April, it disrupted gas supplies along the U.S. East Coast, causing widespread shortages in multiple states. Colonial Pipeline paid $4.4 million dollars in bitcoin to release their billing system and internal business network, although U.S. law enforcement later recovered much of the payment.

    JBS Foods, one of the world’s largest meat processing companies, suffered a ransomware attack this May and paid an $11 million ransom. The Russia-based hacking group REvil is suspected to be behind the attack.

    Global ransomware damage costs are predicted to hit $20 billion in 2021, up from $11.5 billion in 2019, $5 billion in 2017, and just $325 million in 2015, according to the Cisco/Cybersecurity Ventures 2019 Cybersecurity Almanac.

    Cybersecurity Ventures, the world’s leading researcher and a trusted source for cybersecurity facts, figures, and statistics, expects that businesses will fall victim to a ransomware attack every 11 seconds in 2021, up from every 14 seconds in 2019, and every 40 seconds in 2016.

    Concern over the danger to businesses has even risen to the international stage. NPR reports that at a recent summit in Geneva, “President Biden called on Russian President Vladimir Putin to crack down on cybercrimes. But the Russian leader has shown little interest in combatting an emerging criminal industry in his country that’s called ‘ransomware-as-a-service.’”

    In the battle against ransomware, the challenge is that essentially any business with older PCs, networks, firewalls, or operating systems is vulnerable, particularly those that do not immediately update to the latest software to “patch” security issues, according to Yuriy Tatarintsev, Manager, Technical Operations at BTI Communications Group, an IT cybersecurity and technology convergence provider that services clients nationwide.

    Safeguarding Businesses of All Sizes

    While keeping the entire business’s IT infrastructure and software fully up to date is the goal, even one PC running an older, unsupported version of Windows, for instance, can be “a chink in the defensive armor that invites intrusion,” states Tatarintsev.

    So, the fight against ransomware begins with having a companywide process to ensure that all machines are patched with the latest security updates from Microsoft and other applications as soon as they are released.

    Next, defending critical business processes from attack goes beyond simple anti-virus protection that solely reacts to known threats, and that leaves operations vulnerable to yet unidentified risks.

    “We recommend a new generation of advanced antivirus software that does not always depend on identifying known threats or ‘signatures.’ Instead, such software uses artificial intelligence to analyze which PC programs and processes are affected and as soon malicious activity is detected, stops it,” explains Tatarintsev.

    According to Tatarintsev, email security is also of critical importance today because insufficient precaution in this area is perhaps the leading cause of companies getting ensnared in ransomware.

    “Statistically most businesses acquire ransomware when an employee receives a suspicious email that seems legitimate and clicks on an embedded link. This starts the ransomware attack, which then spreads throughout the company network,” says Tatarintsev.

    To protect against this hazard, Tatarintsev recommends that businesses use advanced email spam protection tools that offer significantly more defensive capability than earlier, more rudimentary options.

    “The advanced tools not only filter out all potentially malicious emails, but also stop users from going to dangerous website destinations by clicking on links that could start a ransomware attack,” he says. He explains that the tools rewrite all the embedded link Uniform Resource Locators (URLs). So, if a user clicks a URL in an email, instead of linking to a potentially dangerous website, he or she is redirected to a safe location or ‘sandbox.’ The URL is analyzed to determine if it is dangerous, and if it is safe the user is allowed to go to the original website destination.

    Since deceptive “phishing” emails designed to start a ransomware attack can appear so similar to authentic emails, Tatarintsev advises that all business employees receive periodic security awareness training. This not only teaches employees how to distinguish the latest potentially dangerous emails, but also sends safe, simulated phishing emails to test their responses on an as needed basis. Employees who fail the test are given additional training, so they will not compromise the business when an actual phishing email-ransomware assault occurs.

    If all these defenses fail and ransomware does infect and shut down a business’s IT network, a reliable back up system should be in place that can quickly restore all critical data.

    “If a business’s vital server data is encrypted by ransomware, with a good backup solution data can be restored from the backup,” says Tatarintsev. He notes, however, that some data will be lost, depending on the frequency of backup. Unless these are virtually continuous, a day or even a week or more of current data could be lost.

    Moreover, care must be taken as to how data is transferred and saved, so ransomware does not have access to storage sites connected to company networks.

    While businesses can attempt to fight the growing scourge of ransomware in-house, most IT departments do not have the time, resources, or expertise available to deter the constantly evolving threat on a 24/7 basis.

    As an alternative, an increasing number of businesses are cost-effectively protecting against ransomware by outsourcing to professional, third-party firms like BTI Communications Group that remotely and continually provide layers of protection with a comprehensive, integrated IT approach.

    This strategy can continually deter and detect threats as well as resolve vulnerabilities. Additionally, this eliminates the need to dedicate internal IT staff to these types of tasks. It also minimizes potential loss and even liability if serious harm were to be caused by disrupted company services.

    However, even outsourced IT solutions and services are at risk of ransomware attacks and so must be prepared with advanced monitoring and prevention tools. On the weekend of July 3, 2021, Russia-linked hackers were suspected of a mass ransomware attack on Kaseya, a company that provides IT management software. The hackers demanded $70 million.

    According to Tatarintsev, BTI Communications Group does not use Kaseya’s products and would not speculate on the incident. However, the first and primary goal of a third-party, integrated IT service is to deliver the foremost level of technical quality that can be delivered reliably for a client’s budget.

    “We emphasize the quality and reliability aspects. Where cybersecurity is concerned, any other approach, no matter how seemingly cost beneficial, can be fatal. By putting quality first before short term economic advantage from cheaper tools, we and our clients end up winning in the end,” says Tatarintsev.

    For this reason, only carefully selected software tools and technical solutions should be utilized to ensure its clients are always operating in a high-performance, reliable, and secure IT environment.

    “Our persistent threat monitoring and prevention tools identify root causes of threats, reverse malicious attempts in the early stages, and prevent incidents from penetrating our client systems,” says Tatarintsev. “Our 24/7 Security Operating Center provides managed detection and response by continuously watching the environments and reacting rapidly to potential risks, ensuring ongoing protection with the most current security insights and guidance available.”

    “We have reason to believe that any malicious code pushed our way from a software vendor would have been stopped by our systems prior to it being able to infect anyone,” concludes Tatarintsev.

    With the menace of ransomware continuing to escalate, businesses of all sizes would be wise to examine options for deterring the threat before being victimized.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleSocial Media Marketing for Small Businesses
    Next Article Webex Is Going to Outer Space
    Kayleigh Bridges

    Kayleigh is an avid geek with a passion for technology and all things Marvel. She writes about technology and gadgets and cybersecurity--but she really wants to be Black Widow when she grows up.

    Related Posts

    Security Automation Cuts Down Expenses and Saves Time for IT Teams

    Ransomware is Indiscriminatory – Prepare for Everything to Fail

    Cybersecurity in the Age of Online Casinos

    5 Comments

    1. Pingback: Ransomware is Rampant: Is Your Business Safe? | #malware | #ransomware - NATIONAL CYBER SECURITY NEWS TODAY

    2. Pingback: Cybersecurity Challenges Facing Critical Infrastructure - Cyber Protection Magazine

    3. Pingback: Ransomware is Indiscriminatory – Prepare for Everything to Fail

    4. Pingback: Ransomware is Indiscriminatory – Prepare for Everything to Fail – Mustafa.net

    5. Pingback: Ransomware is Indiscriminatory – Prepare for Everything to Fail - itechnewsonline.com

    Leave A Reply Cancel Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Site Sponsors
    Intel
    DevOps.com
    Adobe
    PopSpective
    • Technology
    • Popular
    • Top Reviews
    May 20, 2022

    Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

    May 20, 2022

    BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

    May 15, 2022

    A Look At The Last Generation Of Internal Combustion Engines

    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    9.7
    November 16, 2018

    Review: BlackVue DR900S-2CH Vehicle Dash Cam

    9.5
    September 2, 2015

    Review: Microsoft Band

    May 27, 2014

    Protect your family photos with ScanMyPhotos

    PopSpective
    Popular Posts
    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    Adobe
    PopSpective
    Coffee and Politics
    Adobe
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    About

    TechSpective covers technology trends and breaking news in a meaningful way that brings value to the story, and provides you with information that is relevant to you. We offer in-depth reporting and long-form feature stories, as well as breaking news coverage, product reviews, and community content in plain English terms, and with a unique perspective on technology.

    PopSpective

    © 2020 Xpective, Inc.

    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact
    © 2021 Xpective, Inc.
    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact

    Type above and press Enter to search. Press Esc to cancel.