Barracuda Networks, Inc. a leading provider of cloud-connected security and storage solutions; cautions small medium enterprises (SME) to beware of ransomware threats as they are the most prone victims of the malicious attacks. The caution comes as more than 300,000 incidents of ransomware attacks had been reported in over 150 countries in a massive ransomware attack in May by a relatively young ransomware called WanaCrypt0r or WannaCry.
Unlike previous strains, WannaCry has a “hunter” module incorporated into the malware. While past versions relied on the end users actions such as – downloading from the web, clicking on an email link or malicious attachment, WannaCry only needs to be detonated once before it starts hunting for vulnerable windows machine throughout a network of connected devices. Attackers are charging up to USD600 or more in bitcoin to release the files.
James Forbes-May, the Vice President of APAC Sales for Barracuda says, “We urge our customers to ensure their Energize Updates are active in order to remain protected from this strain. These continuous massive attacks further reiterate the importance of having advanced protection across all threat vectors.” “Customers are also urged to ensure all their computers are up to date with the necessary patches from Windows. However, patching an already infected computer will not stop the malware. If you get infected, immediately shut down your device and call your IT department,” he further adds. “Ransomware has become big business for cyber criminals. Experts believe losses resulting of ransomware will surpass USD 1 Billion globally in 2017,” he adds. While anyone who accesses the internet can become a victim of ransomware, large businesses and SMEs remain the preferred target as they have more to lose and are more than willing to pay a bigger ransom,” adds Forbes-May.
Healthcare facilities and hospitals globally took a big hit from the recent WanaCrypt0r attack, leaving many reduced to manually registering patients. Numerous individuals and SMEs have also reported losing their data in the massive attack.
Human Error main cause
Despite continuous education, human error remains the number one cause behind any successful cybercrime attack.
“The simple fact is that your data protection will remain ineffective as long as your employees are untrained, unaware, or unwilling to follow procedures. All it needs is for one employee to click on an infected attachment in an email, for the cyber criminals to hold your entire network hostage,” cautions Forbes-May. “You are never too small to be a target: A common misconception is that small and midsized businesses think they are unattractive attack targets and by default, safe. In reality, these organizations are often more prone to attacks as they’re assumed to have fewer staff, technology, and resources to combat targeted attacks,” adds Forbes-May.
Cyber criminals exploit a variety of vulnerabilities like email, network traffic, user behaviour, and application traffic, to insert malware. Protecting yourself from vulnerability through one of these vectors is a good start, but without a comprehensive security strategy that secures all vectors, from all the advanced threats, you are almost certain to fall victim to these devastating attacks.
“Criminals don’t even need to create this malware. Ransomware can be purchased for cheap and sent out in bulk to receivers. All they need to do is wait for someone to fall victim. Simply put, cyber criminals are indiscriminate in their targets, and will gladly extort your data for a hefty ransom,” he explains. “One of the problems for SMEs is that they are comfortable with their teams. They don’t have the security and management policies that the larger enterprises use to protect data. SMEs should take a look at their risks from a few different angles,” he adds.
Barracuda has the following recommendations for SMEs:
• Restrict internet access based on the employees working needs
• Back up data regularly on a non-shared or connected device, to increase the likelihood that data that is held hostage can be recovered
• Ensure all devices are regularly updated with patches automatically
• Ensure all computers and emails are vetted against spam, malware, virus, phishing and more
• Provide ongoing training and reinforcement to the employees on how to identify suspicious emails
• Remind employees to keep laptops and other mobile devices secure at all times and not use an unknown USB driver
Enforce, monitor, and educate: User behavior can be your weakest link, and it is inevitable that someone will eventually click. However, education is a critical piece of a solid data protection strategy as attackers increasingly look to exploit “human networks” in targeted phishing and spear phishing campaigns.
“SME employees don’t always appreciate the importance of security policies that restrict access to websites or applications. Long term employees sometimes resist security policies because they feel untrusted, or they don’t understand the need. It may be important to communicate that these policies protect the company, customers, suppliers, and employees,” explains Forbes-May.
“While human error is inevitable, companies can ensure minimal disruption by having plan B. The best approach to dealing with ransomware is to devise and implement a comprehensive backup recovery plan. So in the event that your network gets infected, you will be able to recover all data with minimal effort,” he advices.
“It’s important to note that even if you’ve already been hit, you’re not immune from future attacks. In fact, some attackers might view your organization as an easy target and begin making plans for an attack with even greater consequences. This means it’s never too late to re-evaluate your security strategy to protect your organization. At the end of the day, businesses need to remember that their data is valuable and a necessity for their business growth,” ends Forbes-May.
Source: Media Release