The Roots and Future of Ransomware

Written by Carbonite Guest Blogger
September 23, 2020

Historically, ransomware targeted individual personal computer users; today, the big money is in attacking businesses—and MSPs are a huge target.

build automated campaigns. Many of these kits are available free of charge for the payload, but criminals owe a cut (usually about 30%, but this can vary based on how people are infected) to the author for a ransom payment using their payload. Grandcab, also known as Sodinokibi, was perhaps the most famous to use this tactic.

Targeted attacks

Cyber criminals are moving away from mass distribution in favor of highly focused, targeted attacks. The exploit is carried out by using tools to automatically scan the internet for weak IT systems. The attack is usually opportunistic, thanks to the vulnerability scanners used. Targeted attacks often work by attacking computers with open RDP ports. Common targets have included large hospitals and municipalities.

Stay cyber resilient with multi-layered defense

As you can see, ransomware criminals have a full quiver of options when it comes to launching attacks. But the good news is that there are also multiple solutions for defending systems against them. The best way to secure your data and your business is to use a multi-layered cyber resilience strategy, also known as defense in depth. This approach uses multiple layers of security to protect the system. We encourage businesses of all sizes to deploy a defense-in-depth strategy to secure business data from ransomware and other common causes of data loss and downtime.

Here’s what that looks like:

Backup: Backup with point-in-time restore gives you multiple recovery points to choose from. It lets you roll back to a prior state before the ransomware virus began corrupting the system.

Advanced threat intelligence: Antivirus protection is still the first line of defense. Threat intelligence, identification and mitigation in the form of antivirus is still essential for preventing known threats from penetrating your system.

Security awareness training: Your biggest vulnerability is your people. Employees need to be trained on how to spot suspicious emails and what to do in case they suspect an email is malicious. Our colleagues at Webroot have proven that ongoing user education at regular intervals significantly reduces phishing clickthrough rates.

Patch and update applications: Cyber criminals are experts at identifying and exploiting security vulnerabilities. Failing to install necessary security patches and update to the latest version of applications and operating systems can leave your system exposed to an attack.

Ransomware mitigation plan: Make sure your IT staff and employees know what to do when a ransomware virus penetrates a user’s system. The affected device should immediately be taken offline. If it’s a networked device, the entire network should be taken down to prevent the spread of the virus.

You don’t have to wait around for ransomware to come knocking. Check out these five strategies for protecting your business from the cybercriminals looking to extort it.

This guest blog is part of a Channel Futures sponsorship.