Cyber Extortion: How to Prevent Ransomware Attacks

Summary: This 3-minute article explores the cyber security required to protect against ransomware attacks. Also, learn about triple extortion ransomware and how to prevent an attack. Then, contact DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) or visit www.DIGIGUARDsecurity.com for a cyber risk analysis and to discuss your SMB’s overall cyber security plan.

Most businesses understand the importance of cyber security. With a dramatic uptick in cybercrime since the pandemic, SMBs have been the “low-hanging fruit” targeted by hackers. A large corporation might be able to survive a cyberattack. However, over the past few years, 60% of small businesses attacked by cyber thieves have gone out of business within the next six months. Ransomware attacks are of particular concern because they hold business data hostage, slow down or stop normal operations and can require the paying of ransom demands. In addition, they can entail other costs that include hiring IT experts and possible legal fees and penalties related to defending lawsuits from vendors and other parties affected.

What Is A Ransomware Attack?

Ransomware attacks use crippling malware that encrypts a victim’s data, making it unreadable, and then holds it hostage until the victim pays the ransom demands. Under a ransomware attack, a business will not have access to its files, databases and applications. Ransomware can be programmed to spread throughout a network, targeting servers and preventing most, if not all, company functions. Once the target files are encrypted, the ransomware demands the user pay a specific ransom amount, usually paid within 24-48 hours, to have the files decrypted. In the worst cases, the ransom is paid but the hacker doesn’t decrypt the data.

As quickly as cyber security experts develop new defensive protections, cybercriminals follow with new variations of their attacks. Also, user-friendly malware kits have become available online, allowing IT novices to create their own ransomware without much computer knowledge. Many newer attacks hit entire server disks instead of just specific files. Because ransomware attacks can be so lucrative, nefarious ransomware creators often ask for a cut of any ransom collected by their customers. There are also reports of ransomware gangs that work together on coordinated attacks.

Double And Triple Extortion Ransomware

Ransomware attacks of any kind are disastrous. But hackers have continued to refine and expand their attacks by adding additional layers of ransomware extortion. Double extortion malware attacks are about more than just getting the ransom paid. In a double extortion attack, the hackers completely copy the target’s data for additional leverage if the ransom isn’t paid. In ransom negotiations, they can also threaten to release the data and make it public. Disclosure of private or proprietary data can often seriously damage or even bankrupt a target SMB. If double extortion ransomware wasn’t bad enough, cyber thieves have created a worse version, called triple extortion ransomware.

• Triple Extortion Ransomware – Triple extortion ransomware is a diabolical attack. With this technique, hackers exert three points of pressure:
  • Encrypt the data of the target business
  • Threaten to release the company’s data to the public
  • Intimidate vendors and other business connections whose data was shared by the target and demand ransom from them too

Triple extortion ransomware can also launch distributed denial of service (DDoS) attacks that cripple the business associate’s business and the original target. Cybercriminals also use burner phones to make threatening phone calls to turn up the pressure for ransom payments. High-compliance organizations charged by law with protecting clients’ private data are exposed to monetary repercussions beyond the ransom, because the compromised third-party data can incur significant legal expenses and financial penalties.

Ransomware attacks have increased every year and are up over 500% in the last few years, damaging reputations and bankrupting companies.

Ransomware Protection

Fortunately, protective measures can be implemented to protect against and mitigate the consequences of a single, double or triple ransomware attack:

• State-Of-The-Art Cyber Security – It is essential for all businesses to install state-of-the-art, up-to-date cyber protections. If you are unsure what protections are best for your company, it would be money well spent to employ IT experts to help you make informed decisions.
• Encrypt Your Most Sensitive Data – Decide what data is most sensitive and then encrypt those files, limiting the access of cyber thieves launching an attack.
• Regularly Back Up All Data – Creating an up-to-date backup of all your data and storing it on a secure server, restoring data will make recovering from a ransomware attack much easier and limit downtime.
• Protect All Endpoint Devices – Any connected device is a potentially vulnerable endpoint. Left unprotected, devices can be an easy access point through which a cyberattack of any type can be launched.
• Employee Training and Best Practices – Ongoing cyber security training is essential to getting all employees on the same page for protecting against and responding to ransomware attacks. Strong passwords and secure password management should be part of the training program.
• Restrict Permissions – To enhance internal protections, access to sensitive data should be limited to the employees needing access.
• Scan For Threats – Use your security tools to perform regular computer system scans to identify threats and monitor your network for suspicious activity.

Ransomware attacks are becoming more sophisticated all the time. As the attacks evolve, using a DIY approach to ensure protection is becoming increasingly more challenging. It might be time to hire IT experts with extensive cyber security knowledge and experience to help lock down your sensitive, hard-earned business data.