It seems we are living in a time when not one full month passes without the report of a ransomware attack affecting a business. Ransomware attacks have become one of the more unfortunate aspects of cyber life. To further complicate matters, business is so good for cybercriminals that they are developing more advanced and sophisticated threats.
In fact, new and more advanced ransomware viruses continue to emerge rather frequently, and even extending to IoT systems. Businesses and organizations that are not as protected as they imagined are often forced to pay the demanded ransom — with the ”hope” that the cybercriminals will release their data.
In Canada, where the attacks have been increasing, it could be due to the digital strategies of Canadian businesses and how many businesses have paid the ransom to the hackers in exchange for the release of their data. Cybercriminals will take any opportunity they are given, and they will take advantage of the opportunity to fulfill their financial goals.
This has been evident during the COVID-19 pandemic as many businesses had to make the transition to a remote work environment. As a result, cybercriminals were quick to use the uncertainty of the pandemic and workplace transitions to carry out their attacks. When looking to the future, cybercriminals are eventually going to look for more opportunities to exploit.
Whether it is due to the ongoing impact of the COVID-19 pandemic or another situation in the future, we anticipate that we will continue to see a growing trend in targeted attacks and an increase in ransom demands.
While it is always difficult to tell what the future holds, I — along with other industry experts — was asked to share our opinions on the current state of ransomware and to provide insight into what businesses in Canada can do to protect themselves against ransomware. We were also asked if we could foresee any technology solutions that could become the most effective solution to the ransomware problem.
There are no global boundaries when it comes to ransomware. The same types of ransomware that can impact healthcare facilities, meat companies, pipelines, etc. in the United States can also impact facilities and businesses in Canada. A recent ransomware attack on Toronto’s Humber River Hospital led to officials scrambling to restore their computer systems. The hospital experienced a ”zero-day ransomware attack” that resulted in hospital staff declaring a code grey.
Other healthcare facilities, a popular restaurant chain, and other Canadian businesses have been victims of ransomware attacks. Cybercriminals do not just target large businesses; small businesses are also victims of ransomware attacks. The malicious actors are looking for quick and easy targets that will pay the ransom, and the cybercriminals will move on to the next victim.
From small businesses to large businesses, from local ice cream shops to hospitals, no one will be off-limits when it comes to ransomware attacks. As ransom demands are met, the attacks will continue to grow as hackers find more businesses without adequate network security.
Many IT Pros recently compare ransomware to the 9/11 attack. If we are going to ask ourselves if there are any solutions to ransomware, should we be asking the same about terrorism? Many other IT professionals believe we should approach the issue of ransomware from a variety of aspects, but the approach needs to be correct, just as the approach needs to be correct when addressing terrorism. As we have all witnessed from a global standpoint, terrorism is still a relevant topic. When asked for additional insight on what steps can be taken to address ransomware, he noted that businesses of all sizes should have a solid detection and response strategy in place to combat the threat of ransomware.
In 2019, a Canadian dentist discovered that 19 out of 22 computers on his networks were infected with ransomware. The hacker demanded $165,000 in exchange for the release of patient files. The dentist avoided having to pay a ransom because there was ”a good backup”. If you have a solid backup and data recovery plan, you can not only ensure business continuity, but you get rid of the only good leverage the cybercriminals have.
When backups are implemented, they should be routinely tested to ensure it is operational and to ensure that the backup is effective at maintaining data integrity. The effect of a ransomware attack is a major disruption in any business. Therefore, it is critical to take the time to invest in a backup and data recovery strategy that will protect your business operations and your valuable assets.
Prevention is the best cure. Fransen believes prevention is the leading technology that can put an end to malware before it causes major damage. The security industry is aware of the different ways that ransomware can infect a business, and he believes some critical services and solutions can be used to protect businesses of all sizes.
Preventive measures are key to limiting ransomware, noting that most businesses are typically reactive instead of proactive. Businesses that do not want to be the next business to make the headlines to improve their security and one of the best ways to do this is to perform a risk assessment and take any needed action.
Regarding the question on the technology solutions, there is no one-size-fits-all method that every business can be implemented. However, there are so many tools and resources that can be used to help businesses, individuals, organizations, facilities, etc. prevent an attack. See 365’s full response below:
“Yes, I believe there is a technology solution to ransomware, but it will require a significant change to how we manage security and access rights in an organization. Traditionally, the focus has been on keeping the bad guys out — setting a strong perimeter. Firewalls, intrusion detection and prevention systems, honeypots, and more are all designed to prevent the perimeter from being compromised. The problem, of course, is that once the perimeter is breached significant damage can be done. Newer security models focusing on Zero Trust and Just In Time access offer some hope. By treating even internal accounts as untrusted, and making decisions to elevate privileges on an as-needed basis, there may be an opportunity to isolate ransomware attacks even if they are successful in gaining access to the network.”
No single technology could serve as a solution to ransomware. However, both do believe that a combination of solutions can successfully combat ransomware. Multi-Factor Authentication is one of the solutions that can serve as a defence against ransomware. Managed Threat Response systems should also be implemented as an additional security measure.
The more everyone embraces the tools and solutions that are available, the better. If we all do our parts, we will create stronger defences against ransomware. 365 Technologies provides high-quality IT services, cybersecurity solutions, and cloud solutions for organizations that are looking for better security. We can help you evaluate your current security defence strategy and make suggestions for strengthening any weak areas.
Will your systems and networks be protected from a potential ransomware attack? Contact us today for your free consultation.