Mark Lomas, technical architect at Probrand
Ransomware – Hostage-style malware has evolved into the greatest cyber threat facing businesses. Ransomware is an incredibly challenging form of malware for business security teams to try and mitigate. With that in mind, Information Age investigates this pervasive threat.
Is ransomware the most common and damaging form of malware?
Ransomware attacks are certainly a dominant problem because, unlike other threats, they have a direct and immediate impact. Early malware attacks might have made your computer run slowly, and over time this evolved into malicious software to try and silently ‘join’ your machine to botnets. A ransomware attack on the other hand is much more instantaneous, giving you less time to notice that something might not be quite right.
What steps can be taken to prevent ransomware attacks? I.e. employee education, security system revamp etc.
Think about some of the different avenues an attacker might exploit when carrying out an attack. What are their entry points?
As well intentioned as employees might be, they are an obvious chink in the armour, regardless of whether it’s their fault. They may be working from a computer that doesn’t have the most up-to-date security software, for example, or may simply click on an infected link without spotting the danger signs.
In this respect, user education is hugely important. What big red flashing lights should employees be looking out for? Also keep in mind that user training isn’t a tick box exercise, it needs to be carried out on a regular basis so users are kept up-to-date with new methods of attacks and expected standards.
A second consideration is anti-malware software. Do you have the latest patch installed? Is your software up-to-date? You then need to think about where your files, data and software is stored.
Ransomware will scan your network and go looking for file shares it can encrypt. Which means many vendors are now upping their game to develop software that can monitor activity on files to see if they’re being encrypted as they’re being used. Check with your anti-malware vendor to see if this is a feature that you have in place – it might be the difference between being protected or not.
Do you envisage a time when ransomware is no longer a problem?
Viruses have been around for a long time and, unfortunately, given the success of ransomware it’s unlikely to evaporate anytime soon. But anti-virus vendors are taking steps to address this challenge and hopefully, by working together with the government and the wider industry, we can get better at spotting the warning signs. This will at least eliminate part of the problem and make it harder for the bad guys.