The typical ransom scenario has been played out in many movie blockbusters. The bad guys follow the rich children home from school and despite the bodyguards and the security, the kids get kidnapped and held for ransom. A thrilling and heady journey ensues, and after million-dollar stunts, the kids are returned unharmed. While kidnappings for ransom continue to occur in Russia and some South American countries, a different and equally malicious ransom phenomenon is happening, and more often than we think.
Ransomware is a form of malware or a virus that prevents users from accessing their systems or data until the money is paid. According to global IT organisation, Phoenix Nap, clicking on infected links is the primary attack method.
Phoenix Nap revealed that:
- A new organisation will fall victim to ransomware every 14 seconds in 2019, and every 11 seconds by 2021.
- 1.5 million new phishing sites are created every month. (Source: webroot.com)
- Ransomware attacks have increased by over 97% in the past two years. (Source: Phishme)
- A total of 850.97 million ransomware infections were detected by the institute in 2018.
- 34% of businesses hit with malware took a week or more to regain access to their data. (Source: Kaspersky)
- 81% of cybersecurity experts believe there will be a record number of ransomware attacks in 2019. (Source: CIO Dive)
- McAfee analysts suggest that individuals with a large number of connected devices and a high net worth are some of the most attractive targets.
The South African Banking Risk Information Centre has warned companies – big and small – that the threat of a cyberattack has never been this severe. South Africa has the third-highest number of cybercrime victims in the world and loses about R2.2 billion to this phenomenon. In addition, this may be a conservative estimate as many cyber attacks go unreported.
Once-upon-a-time, when a company’s backups were on tape, hacking was almost unheard of. But now, data is stored on disk or in the cloud and is at a significantly high ransomware risk. Kyocera Document Solutions South Africa (KDZA) is behind equipping its clients and community with the tools necessary to combat the threat of a massive data breach, and in particular, ransomware.
Minimising your risk means minimising the loss of access to sensitive data; operational downtime; compliance and legal issues; brand damage and the loss of customers and; financial losses due to the replacement and repair of compromised machines and devices.
Ways to protect your business from ransomware
Ransomware is designed to restrict your access to valuable business information. The US Department of Homeland has put together a comprehensive guide on protecting your business and keeping your data safe. Here are some highlights:
Be clever with your passwords
Two-factor authentication, in particular, is a more secure method of authorising access. It requires two out of the following three types of credentials: something you know (e.g., a password or PIN), something you have (e.g., a token or ID card), and something you are (e.g., a biometric fingerprint). Because one of the two required credentials requires physical presence, this step makes it more difficult for a threat actor to compromise your device.
Ensure you choose secure networks
Use internet connections you trust, such as your home service. Public networks are not very secure, which makes it easy for others to intercept your data. If you choose to connect to open networks, consider using antivirus and firewall software on your device. Another way you can help secure your mobile data is by using a Virtual Private Network service, which allows you to connect to the internet securely by keeping your exchanges private while you use Wi-Fi.
Upgrade that software
Manufacturers issue updates as they discover vulnerabilities in their products. Automatic updates make this easier for many devices—including computers, phones, tablets, and other smart devices—but you may need to manually update other devices.
Kyocera Document Solutions South Africa believes that when it comes to cybersecurity defence, it’s important to have a holistic approach, using technology, education and preparation to ensure your data remains protected, no matter what attacks are levelled at you.