One in 10 organisations were hit by attempted ransomware attacks globally in 2023, according to GlobalData’s Deep Dive into Ransomware report, which raises the question of whether an organisation can, indeed, avoid a ransomware attack.
With an increase of 33% on the previous year, many companies are asking themselves when, not if, their businesses will be hit.
When recognisable brands such as Hyundai, Sony, Boeing and even the NHS are subject to ransomware attacks, it appears that any steps an organisation takes might be in vain against cyber criminals — but that is not the case, according to GlobalData.
Cybersecurity is not always about making system penetration impossible; often, if criminals are determined, they will find a way to wreak havoc. So, for many businesses, the solution is simply ensuring that launching an attack becomes more effort than it is worth.
With over 600,000 attacks globally in 2023 – how do businesses ensure that they are not one of the victims?
Verdict presents five strategies to avoid a ransomware attack:
1. Eyes on malware
An organisation should be scanning its devices and emails regularly for malware. Often cybercriminals use email links and hidden downloads as attack vectors on company machines.
If a criminal can get into an employee’s machine, even a relatively junior staff member, what else can they access? OneDrive, SharePoint, or Google Drive, for example? With phishing emails becoming harder to spot and employees becoming tired of the same cyber clichés, staff vigilance cannot be the only resilience tool. Scanning company files and emails for malware must be done too.
2. Backup is business critical
Last year only two percent of business services were restored by an offline or air-gapped backup after they refused to pay a ransom.
Having a backup on the same server as sensitive data is only viable until the attack reaches a business’ server. GlobalData reports that 51% of ransoms are over $100,000 so if a business does not have that amount of money immediately available and it is without a secure backup, it might find itself with limited options.
3. Know your stuff
GlobalData recommends staying informed and vigilant when it comes to ransomware. This does not mean becoming a qualified cyber practitioner but it does mean understanding the changing landscape or taking the meetings with the people who do.
Often cybersecurity is seen as a cost centre which reaps no return on that investment — until an attack takes place. Staying informed of different types of attack vectors means a business can stay one step ahead and implement the right infrastructure for its business. While senior executives deliberate on the latest ask from the CTO/CIO or IT team, cyber criminals are working 24/7 to steal data, profits, and disrupt business processes.
GlobalData’s ransomware report advises that: “Businesses must invest in threat intelligence and understand evolving ransomware trends to anticipate and counteract threats. Businesses must collaborate with law enforcement and industry peers to share insights and best practices.”
4. Create a security culture
If a business is guilty of kicking decisions around cybersecurity into the long grass and waiting for a different day, it should not come as a shock that employees are clicking phishing links, downloading unfamiliar software and inserting ‘spare’ unknown USBs into their computer.
If a company doesn’t care about cybersecurity, why should its staff? More often than not, it is human error that leads to a cyberattack, and while it is not solely the responsibility of employees, it is still an area companies need to pay attention to. An e-learning course once a year is not enough.
Staff need to understand the risks and the mitigations, for instance ensuring businesses have a company VPN that can be used when remote workers connect to Wi-Fi at home or out of the office, and restricting the download of unapproved software to company devices. It is inconvenient, yes, but it could save a $100,000 ransom.
5. Make a plan and test it
Businesses need an incident response plan that works well. And it needs to be tested regularly. It cannot just be the IT team who knows how a ransomware attack works, because there is no guarantee that an attack would happen on their machine.
Most ransomware attacks happen between 1am and 5am – so businesses need a plan for this scenario. This might be an outside cyber vendor, which is good practice, as they offer out-of-hours services. An on-call list of staff for a 3am system hijack is critical, as is a disconnect policy if emails, intranet, Microsoft Teams etc. are infiltrated, so staff can communicate outside of company infrastructure.
If businesses have these and several other steps in place, that will go a long way, but even the most robust plan can fall down if it is not tested. Routinely stopping business operations for a day to simulate a cyber attack is, again, inconvenient but necessary.
It can never be more inconvenient than an attack that stops business operations for good, or a ransom that cannot be paid, with no insurance for the attack.