Today’s cyber-criminals do not give up easy. While cybersecurity is a rapidly advancing field, so is cybercrime. Many bad actors have adapted their ransomware tactics to combat the latest ransomware defences.
The story, historically…
Many of you will be reading this now in the same mindset. Well, I have antivirus? What is the fuss about?
We do not like to offend anyone, so let’s call this some friendly advice. WAKE UP!!!!
Simple fact – antivirus is no longer enough. In fact, products alone are no longer enough.
Rewind 15 years, viruses were designed mainly to annoy, not destroy. With of course a few exceptions! For those IT technicians reading this who just threw their arms up in the air after reading that sentence.
Fast forward to today, new age cyber-criminals have learnt how much money can be made through cybercrime, with a predicted 10.5 trillion annually to be made by 2025. And while breaking into email accounts and sending fake invoices no doubt makes a lot of money, the general public are now more aware of this tactic, so it is less lucrative for the cyber-criminals. The real money is made by accessing corporate data, and holding it to ransom from the owners of that data in various ways.
While the original tactic was to simply deny the victim access to their data until they paid the ransom by encrypting it, recent attacks have seen the hackers leak that same data onto the web for the general public to see until they are paid in full. As you can imagine, this is a serious data breach, often leading to leaks of the personal data of individuals, groups and companies. Others will post the data anyway, regardless of payment, either out of malice or as an attempt to gain more income from the attack by auctioning the data off to a third party. Ransoms are usually tens of thousands of pounds.
This data is sometimes posted in full on the open web for anyone to read or may be auctioned off to the highest bidder on the dark web where it can be much harder to detect. Having sensitive data about your business, your finances, your clients, or your network available online puts you at greater risk of extortion, fraud or further cyberattacks. Worryingly, some organisations’ sensitive data is already available online without them realising.
As cyber-criminals adapt, so must businesses like yours and professional IT providers like us. This means that having an effective disaster recovery plan in place is no reason to become complacent about ransomware and other online threats.
But I have backups?
Although backups are of course a safety net regarding data loss, what they do not prevent the data leaks outlined above. This is why cyber-criminals have now changed their strategy, as before businesses just restored their data. So backups alone are now no longer enough to protect you. Also, some cyber-criminals have also been known to add scripts into their attacks that change your backups to only hold the last copy of your data, and then they allow the backup to run, deleting the historic data, before overwriting the now only backup with the encrypted data.
How Carden IT Services can help
At Carden IT Services, we are constantly researching the latest online threats and their countermeasures. We have recently launched our new dedicated cyber-defence team, news article here and have begun offering new cyber-defence services and training to our customers. This includes the latest ransomware protection techniques and technologies as well as entirely new services like automated dark web scanning to detect breaches of sensitive information. Our customers will be able to learn more about these new services at their next quarterly business review.