What Are the Two Main Defenses Against Ransomware?

The top two defenses against ransomware are raising awareness through regular education and a comprehensive ransomware protection service. In fact, education should really be a part of any cybersecurity plan, but our InterVision team believes it’s important enough to have its own recognition.

Our Ransomware Protection as a Service™ (RPaaS™) is the industry’s first and only holistic approach to ransomware threats, focusing on the entire lifecycle of detection, protection, and recovery. Over the years, we’ve learned all the ins and outs of ransomware attacks and the best methods of proactive defense, and we want to share those insights with you. So, in the spirit of raising ransomware awareness, we’ve put together this article to answer some of our client’s most pressing questions on the topic.

 

What Are the Most Common Ransomware Targets?

According to a study by IBM Security X-Force, the manufacturing industry was the number one target for cyber attacks in 2021. Here’s the full breakdown:

  • Manufacturing accounted for 23.2% of attacks.
  • Finance and insurance accounted for 22.4% of attacks.
  • Professional and business services accounted for 12.7% of attacks.
  • Energy accounted for 8.2% of attacks.
  • Retail and wholesale accounted for 7.3% of attacks.
  • Healthcare accounted for 5.1% of attacks.
  • Transportation accounted for 4.0% of attacks.
  • Government accounted for 2.8% of attacks.
  • Education accounted for 2.8% of attacks.
  • Transportation accounted for 2.5% of attacks.

These percentages vary slightly when looking at specific geographic areas. For example, in North America, manufacturing was the number one victim—in Asia it was finance and insurance.

 

How Do Hackers Gain Access to Your Computer?

The most common ways hackers gain access to your computer is via phishing, vulnerability exploitation, and stolen credentials, according to that same IBM study.

  • Phishing involves the attacker sending fraudulent messages or emails to potential victims with the goal of tricking these people into deploying malware like ransomware. This is the number one method for hackers to gain access to a computer. Usually, the goal is to lead a person to deploy malware onto their device or reveal sensitive information.
  • Vulnerability exploitation is exactly what it sounds like: hackers exploiting a system’s vulnerabilities. These weak points could include poorly-configured firewalls, insecure Wi-Fi access points, weak passwords, hidden backdoor programs, unmaintained updates, etc.
  • Stolen credentials seems like an unlikely avenue, but you’d be surprised how many methods there are for stealing passwords and other security credentials. Even innocently writing your password down on a post-it and tucking it away in your desk drawer could lead to a cyber attack.

Other avenues were through brute force, remote desktops, removable media, and password spraying. And unfortunately, computers aren’t the only devices being attacked through these methods.

 

Which Type of Device Is the Top Target for Ransomware?

In our experience, computers have been the most popular ransomware targets—but this is changing. As more and more smart devices make their way into our lives, the number of access points for hackers goes up. These items, also known as IoT (Internet of Things) devices, are all over our houses and workplaces. You might be reading this blog on one right now. Other IoT devices include:

  • Smart phones
  • Smart watches
  • Smart door locks
  • Smart appliances
  • Smart security systems
  • Smart health monitors
  • Smart cars

To get ahead of IoT device ransomware attacks, the School of Computing at the University of Kent conducted a study called “PaperW8: An IoT Bricking Ransomware Proof of Concept.” Researchers took on the role of a hacker and created PaperW8, a ransomware to target IoT devices specifically with the goal of testing IoT device vulnerabilities. The conclusion of this study reports, “We were able to hold [the test victim] to ransom and prove that the device could be bricked in a way to prevent easy recovery.”

All of this is a bit scary, to say the least. However, as hackers work to devise new schemes, studies like this help us to fight back. The researchers of this study also investigate and include several countermeasures—like device updates and utilizing reset capabilities—and they end with a suggestion, “that [these countermeasures] should be investigated and quickly deployed in order to prevent attackers from using this powerful and damaging attack strategy in the near future.”

Cybercrime developments like this call for a comprehensive ransomware solution. The new types of ransomware will continue to advance, but with the right security, your mind can be at peace.

 

What Is the Best Defense Against Ransomware? A Partner Like InterVision

The news makes it seem like only high-profile companies are being hit with ransomware, but that’s not what we’re seeing down in the cyber trenches. Our InterVision experts generally find that smaller companies are sometimes more at risk of ransomware because cybercriminals know they often lack the budget and resources to mount a proper defense.

Thankfully, it doesn’t have to be this way. We have clients of all sizes, big and small, and they all rest easier at night with our system of RPaaS defenses in place, including:

  • Protection and detection with SOCaaS (Security Operations Center as a Service), which offers 24/7 monitoring
  • Recovery with Ransomware Recovery as a Service, including air gapping, multi-factor authentication, immutable backups, and testing and process documentation
  • Strategic support with vCISO (virtual Chief Information Security Officer) via analyzing, advising, and developing important security roadmap plans to mitigate business technology risks

If you’d like to level up your cybercrime defense strategy, reach out to us for a complimentary consultation. We can answer any questions you may have and discuss your business’s possible vulnerabilities and solutions. As we say, when it comes to ransomware, it’s not if, it’s when!

Heading to AWS re:Invent Dec 2-6? We will be at Booth 1764!

X