Originally published by New Context.
The 1920s—often referred to as the “Roaring Twenties”—produced some key historical figures. One of these whose life both inspired and saddened many people around the world was Charles Lindberg. Hailed as an example of the indomitable human spirit for making the first solo non-stop transatlantic flight of over 2000 miles in 1927, Lindberg would face probably the greatest tragedy a family can experience just a few short years later when his infant son was kidnapped. Even though the ransom was paid, he did not get his son back.
Regrettably, many enterprises are at risk of being placed in the same predicament as Lindberg, now in cyberspace. The accessing and encrypting of important data is one of the most debilitating and costly cybersecurity risks that companies face from hackers today. This makes it pivotal to understand ransomware attacks and how to prevent this type of cloud security breach from threatening your information security (InfoSec).
Prior to defining a ransomware attack itself, it may be helpful to review a few related definitions:
With these foundations in mind, a ransomware attack itself can be defined as a product of dedicated development intended to cause disruption to operations and perhaps profit from gaining illegitimate access to a computer system or network. Perhaps, it is no great surprise that ransomware attacks occur, but if you want to avoid being victimized by them, as unfortunately many other companies and organizations have been, it is important to know why they occur.
The reasons why some choose to execute ransomware attacks cannot be reduced to simply financial gain—though it is probably the leading cause. Some attacks may also be personally or politically motivated, or based on some utilitarianism philosophy. Irrespective of the attacker’s inspiration, protecting your operations or assets requires that you understand the most common methods and vulnerabilities that enable successful ransomware attacks.
It is obvious from the list above that for most successful ransomware attacks, the computer owner, systems administrator, and/or the entity victimized unwittingly abet the process. This fact provides both encouragement and a challenge to preventing these attacks.
Unfortunately, the answer to the question, “Can a ransomware attack be prevented?” is no. As long as someone, somewhere, thinks that your data has value that they can leverage, you are a potential target. However, all is not lost. It is true that you cannot prevent attacks or attempts to access and lock your data, yet, there are actions and practices that can stop them from being successful.
The uncomfortable truth about ransomware attacks is they require some degree of unpreparedness or inaction by the victim to be successful. For example, spam and phishing emails are benign unless opened. Additionally, failure to require that the remote desktop is either password protected or not open is an IT oversight that can allow users to access files on your machine. To avoid these types of breaches, the following simple steps can be instituted.
By instituting the steps above, your resistance and resiliency to ransomware attacks will be greatly improved, which can be a tremendous cost savings.