In 2013 the cyber-security community was caught off-guard as the now infamous CryptoLocker virus rapidly spread throughout the world via phishing attacks and so-called “drive-by downloads.”
Colloquially known as “ransomware,” viruses of this type encrypt a user’s files and then demand payment in an anonymous digital currency such as Bitcoin in exchange for returning access to the user.
Boasting an incredible success rate, with 40% of users reportedly paying the ransom, the CryptoLocker virus led to a near immediate rise in copycat viruses. In Q1 of 2015 alone, McAfee reported that the number of such attacks increased an incredible 165%. Though every company thinks their data is secure, given the rapid rise of PC ransomware, businesses need a layered security approach to preventing their data being held hostage by cyber-criminals.
What Is Layered Security?
Given the diversity of the different attack vectors by which ransomware can make it onto a computer system, there is no single network security solution by which to protect a company’s data. An infection could occur, for example, as the result of an employee being successfully tricked into clicking a malicious download link included in a “phishing” email, but it could also make its way onto a machine via another piece of malware already residing on the computer, or even by a clandestine download through some compromised piece of third-party software. A layered security solution is a holistic security approach which attempts to head off the virus at each potential attack vector.
Perhaps the most important piece of protection against ransomware is quality, up-to-date antivirus software. While it is true that ransomware viruses are constantly being updated to avoid detection, global cybersecurity teams are vigilant in their search for new permutations of known threats; when a new version is found, antivirus software is updated to defend against it. This is a first step towards robust data security, but it can only be that: new instances of old threats and wholly new ransomware viruses always have a lead-time during which antivirus software is not properly equipped to stop their spread.
A consistent problem faced by IT support in corporate firms is the clandestine presence of malware in a system. While viruses are, of course, a type of malware, it is not uncommon for systems to be infected by rootkits, trojans or other security threats which do not, themselves, do damage, but rather puncture vital security barriers when called upon by a hacker. While antivirus software can help defend against immediate attacks, anti-malware software is necessary to root out these hidden threats.
It is true that targeted attacks are rare causes of the installation of ransomware. Cyber-criminals attempting to profit off the ransoming of data rely on the volume of infections to make a buck, and as such they do not usually devote the time and energy required to breach the security of any particular system. This does not mean, however, that robust firewall security is unnecessary. Not only does a properly configured firewall protect your private network, it also defends against compromised web applications and other vectors of attack.
An often overlooked layer in any good network security approach is the education of the network’s users. If they do not know how to identify fake e-mails, malicious downloads, or best-practices by which to avoid dangerous websites, these users will inevitably be the hole that ransomware needs to breach your defenses.
All-in-all, though a robust layered security approach can minimize the threat of ransomware, there is no such thing as a fool-proof network security solution. Given the rising threat of ransomware wherein data theft is not threatened, but rather data destruction, a frequently updated backup of all sensitive data is an absolute necessity in 2016. Whether you choose to host your backups on a private cloud or on an air-gapped machine that is not connected to the Internet, no business should go without secure copies of the data that they would need to keep functioning were ransomware to make it onto its system.
We have a great resource to help you get your network security on track and it includes a free disaster recovery check list. We invite you to download our free Business Owner’s Guide to Data Protection & Security.