Barracuda Networks cybersecurity expert Toni El Inati: Ransomware attacks and ways to protect your business
Payment for ransom data is not the solution
According to Toni El Inati, RVP Sales, META & CEE, Barracuda Networks, while Ransomware is not new, it has evolved into a more destructive threat than ever before. Writing on ITP.net, he insists that protecting companies from Ransomware attacks is all about protecting their data.
There are some important emerging trends in how companies should mitigate the threat from cybercriminals. Resistance to Ransomware demands by companies is starting to build following some disturbing statistics; according to a new report, 80% of companies that had paid a ransom were attacked again. Of those unfortunate organizations, around half believed their new attacks came from the same criminal groups as before.
Toni El Inati also notes other deficits as a result of Ransomware attacks. Security professionals think that cybercriminals compare notes on which companies have been known to pay ransoms and up to half of those attacked find their recovered data has been corrupted anyway – making the payment to the criminal pointless anyhow.
Another negative factor is that cryptocurrencies are being used as the unit of exchange to pay the ransom. These new forms of currency are currently in high demand, costing companies paying ransoms even more because of the punitive exchange rates for cryptocurrencies.
Toni El Inati emphasizes companies are making a big mistake trusting cybercriminals to honor ransom agreements. “The perpetrators of Ransomware attacks are cybercriminals, and therefore cannot be trusted. All too often, victims who pay are contacted several months later and asked for another payment to keep the stolen data secret.”
Data security is at the core of the ordeal, he writes, but once data has been stolen or placed out of reach by an attack ‘it is compromised forever.’
Tony El Inati goes on to explore how attacks develop and then are carried out – potentially then ending in public data breaches. The threat landscape is also becoming more organized, with some groups of attackers coordinating and even working together to deliver attacks. The targets chosen by attackers are also becoming strategic and unusual – logistics and industrial systems have become valuable targets for cyber ransom gangs.
Toni explains steps to effectively protect companies from Ransomware, what standards of protection should be used and what the prospect is for the future threat landscape.
He suggests that the best defense focuses on three key areas: protecting your credentials; securing your companies’ web applications, and always having a strategy to back up your data. Backing up data needs to include mapping the location of all company data wherever it is, and having a back-up plan that replicates the on-premise data structure in the cloud with built-in restoration points. Companies who use it would also need to plan facilities for restoring Office 365 and related solutions, too.