Friday, April 26, 2019

CyberSecurity - Ransomware

Attended EC-Council Certified Incident Handler version2 (E|CIH v2) on 28 Mar 2019. From the course, I understand the value and importance of cybersecurity. Therefore I did research online only focusing on ransomware to gain more knowledge on the statistics and the impact on the business. Below are the highlights or summary taken from articles, click on the link to read more.
WPP cyberattack it a wake-up call for all agencies. The cyber attack in the year 2017 cost WPP about $15 million, however, we do not know WPP has a loss or suffer for the intangible cost.
https://www.adweek.com/agencies/wpp-cyberattack-serves-as-a-wake-up-call-to-agencies-and-cmos-alike/

Global ransomware damage costs predicted to exceed $8 billion in 2018. Global damage predicted to reach 11.5 billion annually by 2019
https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-exceed-8-billion-in-2018/

Ransomware is a top 5 threat. Nearly 60% of ransomware attacks are delivered through email as embedded URLs.
Ransomware is a Top 5 Threat

Ransomware continues to grow annually
Ransomware Continues to Grow Annually

The most targeted industry is Healthcare which takes 45% followed by Financial and Professional services 12% (I'm surprised by the percentage gap)
The Healthcare Industry is the Most Targeted

Windows operating system is still the most targeted system
Windows is Still the Most Targeted System
Ninety-nine percent of multiple service providers say Windows operating systems are targeted most frequently by ransomware attacks. However, this doesn’t mean that OS X, Linux, and Android are immune.
https://www.safetydetective.com/blog/ransomware-statistics/

Personal view: The reason that the window operating system is targeted the most is that most of the industry application or software only support on windows. Re-develop the application to another OS example, OS X? It will require a huge amount of investment by the developer. Also, will companies willing to invest or pay for the new development is another question.

Below is the prevention of ransomware and how to remove it if you encounter one.


Ransomware is a profitable market for cybercriminals and can be difficult to stop. Prevention is the single most important aspect of protecting your personal data. To deter cybercriminals and help protect yourself from a ransomware attack, keep in mind these dos and don’ts:
Dos and don’ts of ransomware
  1. Do use security software. To help protect your data, install and use a trusted security suite that offers more than just antivirus features. Norton Security detects and helps protect against hidden threats to your identity and your devices, including your mobile phones.
  2. Do keep your security software up to date. New ransomware variants appear on a regular basis, so having up-to-date internet security software will help protect you against cyber attacks.
  3. Do update your operating system and other software. Software updates frequently include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers.
  4. Don’t automatically open email attachments. Email is one of the main methods for delivering ransomware. Avoid opening emails and attachments from unfamiliar or untrusted sources.
  5. Do be wary of any email attachment that advises you to enable macros to view its content. Once enabled, macro malware can infect multiple files. Unless you are absolutely sure the email is genuine, from a trusted source, delete the email. (stated in above higlight 60% of attack is from email)
  6. Do back up important data to an external hard drive. Attackers can gain leverage over their victims by encrypting valuable files and making them inaccessible. If the victim has backup copies, the hacker no longer holds the upper hand. Backup files allow victims to restore their files once the infection has been cleaned up. Ensure that backups are appropriately protected or stored offline so that attackers can’t access them.
  7. Do use cloud services. This can help mitigate ransomware infection, since many cloud services retain previous versions of files, allowing you to “roll back” to the unencrypted form.
  8. Don’t pay the ransom. You could be wondering, “But won’t I get my files back if I pay the ransom?” You might, but you might not. Sensing desperation, a cybercriminal could ask you to pay again and again, extorting money from you but never releasing your data.

https://us.norton.com/internetsecurity-malware-ransomware-5-dos-and-donts.html

How to remove ransomware
https://malwaretips.com/blogs/category/ransomware/

Scan for vulnerabilities which reduce risks.
https://www.qualys.com/community-edition/#/freescan
https://www.microsoft.com/en-us/download/details.aspx?id=19892

In the current digital world regardless of your company size or industry always invest in cybersecurity and prepare for any cyber attack. You never know when you will be hit. When the organization is attacked the tangible and intangible cost is unpredictedPrevention is better than cure!




No comments:

Post a Comment