top of page

When data is held ransom

Updated: Jan 25, 2023

Ransomware attacks are one of the most common cybersecurity threats. It can have a devasting impact on a business. During a ransomware attack, hackers essentially encrypt your information. In order to regain access with an encryption key, the business would usually be required pay the hackers in the form of bitcoin or a similar an untraceable currency. Hackers can gain access through hardware, for example a USB device picked up and used by staff or a compromised e-mail account. However, most commonly, they gain access through, like phishing attacks – mails that mimics trusted organisations or people, but contain malicious content.


Even simply opening a phishing e-mail could provide the hacker with access to your network. Once they’ve gained access, hackers can remain dormant or undetected for years. Thus, when they finally take your data ransom, you might not be able to rely on backups within your business.


When your information is taken ransom, it is advisable to not pay the hacker, especially when you don’t know how access was gained.


“It is not advisable for business to pay the ransom if they don’t know how the attack occurred,” says Michael Morton, Solutions Architect at Securicom. “You need to understand the full attack sequence from when they gained access, how they gained access, which parts of the network were compromised, how it was compromised and whether the mitigating and remediating factors are in place to prevent it from happening again.”


Business can establish mitigating and remediating systems by conducting vulnerability assessments and internal audits – something with which Securicom can assist. But the true key to protecting your cybersecurity landscape and determining how a breach occurred is visibility into all your systems.


Visibility provides insight into how and where the hackers went, but more importantly, the right visibility can help identify a hacker before an attack occurs. The Securicom Managed Security solution provides oversight into all cybersecurity technology within a business to ensure the technologies communicate effectively.


Back to the basics

Something as simple as using different passwords for different devices or systems as well as using a “strong” password can assist with increasing the security of your businesses. Using the word “password” as your password is a beginner’s mistake. It should never be something that can easily be guessed.


Be sure to combine letters, number and special symbols. Another essential security tool is two-factor authentic. As Michael says: “Two-factor authentication is an easy security tool that can prevent most data breaches.”


Protecting against ransomware

For businesses that want to ensure further protection against ransomware, Michael provides some advice: “Your most common vector for ransomware attacks are via your e-mail system, weak or inadequate security as well as a lack of user awareness and adequate training. Businesses need e-mail security that provides advance threat protection against zero-day and ransomware attacks. In addition, there needs to be user educational training and internal phishing simulations to identify your key risk users.”


To break this down further, businesses need to focus on three key areas:

  1. E-mail security;

  2. User training;

  3. Phishing simulations.

  4. Endpoint security, including AV, EDR and patching.

A robust e-mail security solution would assist in detecting suspicious e-mails as they enter your cybersecurity landscape before they even reach the end user. User training would ensure that your staff spot a strange e-mail and report it in the correct way, while phishing simulations allow your cybersecurity team to identify the staff who pose a risk for the business. These individuals could be provided with further training.


Training could also be useful to ensure that staff can report any suspicious e-mails correctly. Forwarding an e-mail is worst thing to do. Instead, the e-mail can be shared as an attachment with the cybersecurity team. Securicom, through its Managed Security solution, provides a solution that makes reporting a suspicious e-mail as easy as clicking a button – literally!


Finally, Michael encourages businesses to ensure that their information is encrypted. Securicom provides solutions that can assist with encrypting your data as well as doing a roll back on any encryption placed on data by hackers via industry leading EDR technology. Not to mention the various solutions available to assist with user training.


In essence, Securicom has you covered! Give us a call on 0861 591 591 (South Africa) or send us an e-mail at sales@securicom.us.com.


46 views0 comments

Comments


bottom of page