Master Ransomware Mitigation Strategies – Prevent & Detect Cyber Attacks

Debasish Pramanik, Cloud Security Expert - CloudCodes Software
December 25th, 2017

“To be honest, we often advise people just to pay the ransom.” - Joseph Bonavolonta

Ransomware has been a prominent threat to enterprises, SMBs, and individuals since the mid-2000s. In fact, more than 7,600 ransomware attacks were reported to the Internet Crime Complaint Center (IC3) between 2005 and March of last year. Backups protect against such attacks; learn some ransomware mitigation strategies to keep your data secure.

What is Ransomware?

Ransomware is a type of malware that restricts access to the infected computer system in some way and demands that the user pay a ransom to the malware operators to remove the restriction. Some forms of ransomware systematically encrypt files on the system’s hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while others may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a trojan, whose payload is disguised as a seemingly legitimate file. All large IT firms maintain a CASB at their end that helps them handle any type of illicit activity on their platform.

Why Ransomware Mitigation Strategies Are Effective

The authors of ransomware instill fear and panic in their victims, causing them to click on a link or pay a ransom, and inevitably become infected with additional malware. They do this with messages similar to those below:

  • Your computer has been infected with a virus. Click here to resolve the issue.
  • Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.
  • All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.

Known Incidents of Ransomware

According to a study, approximately 30,000 ransomware attacks occur on average every day across the globe. Incidents have increased 113% compared to the previous year. These attacks amass an estimated $1 billion in hostage fees per year. Ransomware mitigation strategies help the user to prevent and cure all such attacks.

  1. Hollywood Presbyterian Medical Center
    A hospital in Los Angeles is the victim of what officials describe as an ongoing cyber attack. Local news organizations have reported that some emergency patients were diverted to other hospitals—and that some of the hospital’s systems have been locked down by ransomware. The hospital has reverted to paper patient registration and medical records, according to NBC 4 in Los Angeles, and the hospital’s network has been shut down for over a week. A spokesperson for the Federal Bureau of Investigation’s Los Angeles office confirmed to Ars that HPMC had been targeted in a cyber attack. The amount being demanded by the attackers to provide the key to unlock the hospital’s systems has not been made public, though it has been reported to be as much as 9,000 Bitcoin—the equivalent of $3.6 million.
  2. FBI says that reported incidents of ransomware losses went up to $18 million USD
    The US Federal Bureau of Investigation (FBI) has received reports of more than $18m in losses in the past year stemming from the spread of the bitcoin ransomware Cryptowall and its related variants. The financial impact to victims goes beyond the ransom fee itself, which is typically between $200 and $10,000. These financial fraud schemes target both individuals and businesses, are usually very successful, and have a significant impact on victims. The problem begins when the victim clicks on an infected advertisement, email, or attachment, or visits an infected website.
  3. WannaCry ransomware attack
    The WannaCry ransomware attack was a May 2017 worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.

These types of ransomware attacks cause a lot of data loss and leakage, which can cause harm at any level. The data analyst should know the tactics that can help their data center protect its important data.

Suggested Solutions

The following solutions are suggested by most of the leading agencies:

  1. Use antivirus software and firewall for your enterprise.
  2. Always back up the content on your computer.

If you back up, verify and maintain offline copies of your personal and application data, ransomware scams will have limited impact on you. If you are targeted, instead of worrying about paying a ransom to get your data back, you can simply have your system wiped clean and then reload your files.

CloudCodes provides Vault1 for EndPoint

CloudCodes Vault1 for EndPoint allows the enterprise to quickly roll out backup of its endpoints (laptops/desktops) with no hardware or software dependencies. Critical data is backed up to the cloud, which adds one more layer of security: because the data is not within the enterprise network, the impact of an attack will not spread to backup storage. Device-level as well as file-level restoration is available. CloudCodes Vault1 will be the right step towards preparedness against ransomware.