© 2019 SourceMedia. All rights reserved.

Over-confidence could be first step to ransomware vulnerability

Ransomware attacks decreased by 30 percent in 2018, in what might seem like a good omen for the year ahead. But don’t get your hopes up.

Ransomware — malicious software that threatens to publish or block access to a victim’s data in exchange for ransom — has been on the decline since the widely publicized WannaCry outbreak in 2017. But despite recent reprieves, cybersecurity experts forecast a troubling resurgence of ransomware attacks in the year ahead.

That’s because ransomware isn’t dead — it’s just adapting. And hackers are setting their sights higher, choosing to target whole enterprise networks using sophisticated cryptojacking malware. So what does that mean for your business?

Here’s what you need to know about ransomware to ensure that your organization’s data is protected in 2019:

Ransomware attacks will increase across businesses of all sizes

Small businesses and large enterprises are equally likely targets of ransomware, especially given both the increased sophistication of hackers and business leaders’ own underestimations of their vulnerability. While enterprise leaders might think they are too savvy to be victimized by malware, they’d be wrong.

ransomware 2019.jpg
Employees read a ransomware demand for the payment of $300 worth of bitcoin on company computers infected by the 'Petya' software virus inside a retail store in Kiev, Ukraine, on Wednesday, June 28, 2017. The cyberattack similar to WannaCry began in Ukraine Tuesday, infecting computer networks and demanding $300 in cryptocurrency to unlock their systems before spreading to different parts of the world. Photographer: Vincent Mundy/Bloomberg

Businesses that are too optimistic about cybersecurity are more likely to fall prey to hackers. This is especially true of large enterprises, since more employees means more vulnerabilities to attacks. We’ve seen, for example, phishing emails disguised as legitimate alerts from brands like Office 365 that could fool even the most cautious employees — who then expose their whole organizations to attack.

These stealthy tactics are growing harder to detect and can potentially skirt current intrusion detection systems. If IT teams are overly confident about their ability to find and stop threats, they risk ransomware attacks that might escape their notice for weeks or months at a time.

The cloud will become a battleground for the most dangerous threats

Eighty-three percent of enterprise workloads are moving to the cloud by 2020, which means hackers are already shifting tactics to enter a new arena.

While clouds are often more secure than most data centers, they’re not invincible. And cloud providers can only do so much. You can’t rely solely on your cloud provider to protect the integrity of your data. Managing applications, maintaining security and monitoring performance should be a shared responsibility between the cloud provider and enterprise IT. Ultimately, your business is the one that suffers in the event of an attack.

Your IT teams have to ensure that security parameters in the cloud are adequate, forward-thinking and flexible.

The basics are still your best bet for heightened cybersecurity

Yes, 2019 will bring new challenges and threats to your data, but it’s not all doom and gloom. Even simple investments in cybersecurity measures, like intrusion detection and protection, can significantly decrease the risk of ransomware attacks.

Solutions that identify red flags (like when an unusual amount of files have been updated), anticipate false positives, and continuously monitor for threats can guard against otherwise destructive attacks.

While hackers are using more sophisticated tactics to target victims, cybersecurity tools are advancing, too. Your team needs a proactive approach combined with the most powerful security solutions to ensure that your business doesn’t become another victim in the coming year.

For reprint and licensing requests for this article, click here.