By Nuno Cândido, Cloud & Security Associate Director at Noesis
Over the last few years, we have witnessed a substantial technological evolution in all sectors and areas of society, with a dramatic increase in the use of mobile devices and the democratization of Internet access. We live in times when everything is connected, including appliances, vehicles, and people, where data sharing is increasing. With each passing day, more users are getting connected. According to a report developed by We Are Social, together with Hootsuite, in January 2021, there were 4.66 billion users on the Internet, representing about 60% of the world population and is representative of this digitalization.
The digital revolution has made people's daily lives more manageable and efficient in organizations, and its benefits are evident. In the same way, it has also put companies' cybersecurity systems to the test. Digital acceleration has been "fertile ground" for an exponential increase in cyber-attacks and ransomware attacks. According to data from Check Point Research, we have seen a 70% increase nationally in the last two months of this type of attack.
Phenomena such as the cloning of websites or ransomware schemes are recurring forms of attempted intrusion and undue capture of access credentials and personal/payment data, among other critical data. The transmission of personal data without prior inspection is the first step to becoming a victim of this attack.
So, what Ransomware really is?
Ransom malware, or Ransomware, as the name suggests, is a type of malware that prevents users from accessing their system or personal files, demanding the payment of a ransom to return access. In this sense, it becomes essential to identify some tips that help organizations to raise awareness among their employees and consequently reduce the risk of ransomware attacks:
- Backing up data
If we suffer a ransomware attack, we should immediately disconnect all devices between networks to prevent it from spreading. The Ransomware will lock all files and documents and be unable to be moved, so it becomes fundamentally imperative to make regular backup copies, preferably to a cloud, so that it is possible to restore the system. Backups do not prevent a ransomware attack, but they can mitigate the damage caused.
- Changing credentials
As soon as we discover that a ransomware attack has compromised our company, we should act immediately and change all the credentials of our accounts. In addition, we should have highly complex and secure passwords.
- Password protection
It is imperative to use passwords that are strong and unique. Many users have the bad habit of using the same password for all their accounts and accesses. This is a big mistake, because if this password is compromised, the door is immediately "open" to all data and information at once.
- Surfing online with security
It is essential to have redoubled attention while surfing the Internet. You should not reply to e-mails or text messages from people you do not know. Hackers often use cutting-edge social engineering, pretending to be people or entities they are not. The aim is to get the user to install a specific file or click on a link that will allow access to the system. Thus, a security extension in the web browser is highly recommended as a way to surf more safely.
- Education and awareness
Organizations can and should conduct ransomware simulations with their employees. These kinds of initiatives and tests allow not only for assessing the level of preparedness and attention of employees to possible attacks but also for everyone to be as prepared as possible to deal with real threats. On the other hand, it is also essential to create regular internal communications and awareness actions that explain the different types of malware to the teams and make them aware of this issue. On the other hand, it is vital to constantly train your teams, preparing them to act appropriately in the event of an attack.
- Investing in security solutions with Artificial Intelligence
From a more technical perspective, it is fundamental that organisations' security and IT teams focus on their Security Architecture, through a holistic approach that includes "intelligent" technological capacities and includes standards, guidelines, processes and practices that guarantee safeguard mechanisms of information and access security and privacy policies. It is necessary to change the paradigm - to look for abnormal behavior instead of focusing on searching for malicious behavior. And this paradigm shift is closer than we might think; artificial intelligence algorithms are one of the fundamental pillars of cybersecurity automation and an answer to the limits of human capacity. Artificial intelligence is a strong ally in the service of cybersecurity and an essential investment today.
Ransomware is a very present, increasingly sophisticated, and worrying threat in the new digital world. Therefore, all organizations, regardless of their size or sector of activity, are increasingly aware and, above all, more prepared. Also, at an individual level, redoubled attention is required when replying to e-mails and compliance with the most basic (and fundamental) security rules.
And is your organization prepared to face this threat?
Published (in Portuguese) in DO It!