How to stop ransomware 2019
Ransomware on the rise
New research has found that ransomware attacks have doubled in 2019 compared to 2018. So ransomware attacks are on the rise again.
If that’s not startling enough, hackers are using your own passwords to infect your systems with ransomware.
What is ransomware?
Ransomware is a type of malware that hackers use in cyber-attacks against your business. Ransomware encrypts your files and the cybercriminals demand a ransom payment in return for a decryption key. They'll promise to decrypt your encrypted data after the ransom is paid but rarely do.
There are many different types of ransomware infection, with ransomware-as-a-service becoming more popular - this is a pre-packaged, easy-to-launch virus sold on the dark web for novice cybercriminals.
Other forms of ransomware include the infamous WannaCry attack which hit the NHS and other global businesses and Locky, which has been around for a long time.
Ransomware - common attack methods
In the Attack Landscape H1 2019 report, security researchers analysed ransomware attacks on honeypots – servers designed to be appealing to hackers – during the first six months of 2019.
The research found that brute force attacks, whereby hackers attempt multiple logins using common or leaked passwords to break into accounts, overtook phishing and spam emails as the number one vector for infecting a business with encrypting ransomware.
31% of all ransomware attacks were the result of brute force attacks against Remote Desktop Protocols (RDPs) which, if unsecured, allow hackers to gain access to your business network and infect your servers and PCs with ransomware.
The increase in brute force attacks should be a wake-up call to businesses using weak or common passwords to secure their critical business systems. Organisations should address their risk management policies to ensure sensitive information is protected against ransomware viruses.
What is the best defence against ransomware?
Hackers will use the most common passwords, as well as those leaked in data breaches, to essentially hammer your systems with credentials until one works. But if you think you’re safe because your credentials have never been leaked, or your password is complex and uncommon, the hackers can still get around that.
As our security expert, Grant Campbell, detailed in his blog on choosing the best password, hackers have another tool in their arsenal. This allows them to ‘crack’, or generate, passwords, based on combining all possible combinations into a phrase.
You might look at that last statement and feel a little hopeless; surely, in that case, they can crack any password? But you’d be wrong. The key to your passwords is not complexity or how uncommon it is, but length. That’s why we recommend passwords that are long, but not necessarily jammed with complex characters; think of phrases you’ll definitely remember.
Depending on your password length, it may take billions or even quindecillions of years to crack. Find out more about that, and enjoy some cat-based password content, in Grant’s blog.
It’s also critical to never re-use passwords. If, for example, you used your highly secure password for your Yahoo account, which was breached, and re-used it for another service, hackers could easily crack that service too. By adopting a password policy of using memorable phrases with no or limited complex characters, you’re far more likely to remember individual passwords and, thus, not feel the need to re-use them.
How do I protect my computer against ransomware?
This isn’t to say you should focus solely on creating strong passwords to ensure good cybersecurity. While phishing emails are no longer the primary vector for infecting victims with ransomware, they still account for a quarter (23%) of all successful attacks. The other 46% include compromised firmware attacks, the download of fake installers and hacked software. These attacks can steal credit card data which can result in identity theft.
The key to good information security is a synchronised approach to security. While this study highlights the urgency of ensuring secure passwords on your critical systems, it also evidences how many different methods hackers will use to infect your business systems and extort money out of you.
We strongly recommend you don't pay the ransom if the hackers demand payment, as it's very unlikely you'll get your data back.
We strongly recommend you review your own password policies to avoid falling victim to a brute force attack that could see hackers gain access to your internal systems and feasibly infect your entire network with malicious software. But don’t forget to train your staff on spotting phishing emails or preventing the download of innocent-looking applications that could stealthily install malware, too…
Don’t know where to start? Why not talk to TSG’s highly qualified security experts to understand how best to protect your business.