You may have seen the headlines that ransomware attacks are down so far in 2019. It’s true. Ransomware detection and prevention tools are getting better and that’s helping. However, hackers are evolving as well. They have adapted to detection methods and created new ways to attack.
Don’t Be Fooled
These headlines shouldn’t give you a false sense that the threat has been neutralized. While the current stats show that ransomware attacks have diminished by as much as 30 percent in the past year, that’s after a 97 percent increase in the previous two years.
The good news is that ransomware attacks declined every month in 2018. The bad news is that ransomware still hits with regularity, attacking a new organization on average every 14 seconds.
In recent months, at least 3 organizations have been impacted by the latest ransomware family called Ryuk. Organizations such as Tribune Publishing and Data Resolution were impacted by a silent attack which was spreading through their networks undetected. It went undetected due to its ability to identify and encrypt network drives, as well as delete shadow files left on the endpoint. During its initial launch back in August 2018, the Ryuk Ransomware landed attackers an estimated $640,000 in ransom and still remains an active threat.
Here’s an even scarier statistic: Three-quarters of the companies infected by ransomware attacks report they were running updated endpoint protection.
Take A Pro-Active Approach To Cyber Security
While the attacks may be slowing, if you’re the target, you’re in trouble. That’s why it’s so important to take a more pro-active approach to your cybersecurity as opposed to relying on solutions-based methods which first identify, and then resolve the problem once it’s already there. If you can stop it before it hits, you are ahead of the game. Once it’s hit, it’s going to be extremely disruptive and expensive to recover.
Interpol’s 2018 Internet Organised Crime Threat Assessment report says ransomware is still one of the top cybersecurity threats in the world. Financial institutions and healthcare organizations regularly top the list of targets, but that may be because they are required to publicly disclose data breaches and cyber-attacks. The number of private companies that get hit is unknown.
Evolving Cyber Security Threats
While ransomware attacks were declining, cryptomining malware was becoming more prevalent. Cloud and mobile app attacks are increasing while email phishing and business email compromise still continue to be the top threats.
When Bitcoin prices skyrocketed, these malware attacks exploded on the scene. One estimate was that as many as 42% of all malware attacks were related to cryptomining schemes that tapped into the processing power of victims.
Cloud Infrastructure Attacks
As more data moved to the cloud, cloud infrastructure attacks multiplied as well. Companies including Tesla, FedEx, and Aviva fell victim.
Whether it’s ransomware of other types of malicious code, cybercriminals have evolved in their tactics. Exposed RDP (Remote Desktop Services) connections essentially leave a backdoor open for hackers. Identifying exposed RDP connections is easy with publicly available tools. Once identified, brute force attacks are launched to hijack RDS and RemoteApp sessions transparently. Some attacks can even connect to sessions without a password.
If that’s too much trouble, hackers can buy lists of compromised machines on the DarkWeb.
Mobile App Attacks
Mobile app attacks are the newest target. It’s estimated that as many as half of smartphones using Android OS are running old operating systems which haven’t been updated. Without applying patches, these systems can be wide open for hackers.
A breach of Under Armour’s My Fitness Pal app affected 150 million users. A terrorist organization launched malware from inside a malicious World Cup score-tracking app and spoofed dating apps. These apps were designed to defeat military security, turn on cameras and microphones, and capture user’s GPS locations on some soldier’s phones. Mobile messaging apps and social media apps are under attack.
With the increasing number of employees that use their own personal devices to access workplace data, documents, and networks, the potential exposure increases significantly.
Phishing emails remain the most common way the bad guys steal credentials or launch malicious code. These BEC (Business Email Compromise) attacks account for the majority of breaches and account for $676 million in losses annually.
Ransomware Prevention, Email Security, Mobile Security, And Data Security
Ransomware prevention, email security, mobile security, and data security should be at the top of your cyber security list.
Even with improvements – and more attention – to digital security, cybercriminals keep finding new ways to do damage. In January 2019 alone, the largest collection of breached data ever discovered compromised 770 million email addresses and passwords.Malicious card skimming hit DiscountMugs.com where thieves stole credit card info. An email phishing attack hit payroll provider BenefitMall. Online video game Fortnite was hacked through a flaw in the code potentially affecting 80 million worldwide users. Millions of files, including FBI investigations, were exposed on an open storage server at the Oklahoma Department of Securities. The world’s largest asset manager had financial data of clients exposed. Huddle House, Dunkin’ Donuts, Houzz, and a number of health organizations announced breaches.
The list is mind-boggling just one month into a new year.
Whether it’s ransomware or any variety of nefarious cyber attacks, you simply can’t afford to wait. You cannot rely on threat assessments that rely on a list of known bad actors. Often, by the time new threats are uncovered, the attackers have evolved and moved on to something else.
The solution is active cybersecurity protection. You need email and digital fax encryption, network access security, and active monitoring for IP hijacking.
How Shield Can Protect You
Shield provides innovative cybersecurity solutions that simple to use and easy to understand. Shield-SDE (Secure Data Exchange) integrates with any application and prevents attacks by ensuring your data is encrypted and access is controlled. It provides secure files and email access for documents and faxes while improving operations and reducing costs.
- Secured Data Exchange
- Secured Data Exchange Mobile App
- Hijacked IP Address Detection
- Automated Penetration Testing
- Malware and Zero-Day Attack Defence
- User Authentication and Access Verification
Contact Shield today and let us show you how we can help you be the hero in your organization with superior cybersecurity & breach prevention solutions.