With the world becoming more interconnected through the internet, securing our interactions and privacy has become not just a luxury but a priority. This has made cybersecurity a critical part of our endeavor to stay safe while on the internet.
With the high availability of information on the Internet, information has become the currency by which people trade, and with that, a greater threat has emerged in recent years—ransomware attacks.
Ransomware attacks involve malicious software (malware) that encrypts a victim’s files, making them inaccessible until a ransom is paid. These attacks can be devastating, often resulting in the loss of critical data and significant financial damage which eventually leads to loss of reputation for the affected individuals or organization.
In March 2021, Taiwanese computer maker Acer suffered a ransomware attack by a group called REvil. The attackers demanded a $50 million ransom to decrypt Acer’s files and avoid leaking them to the public.
To be forewarned is to be forearmed. So how do you reduce the chances of a ransomware attack? First, it is important to understand the tactics and strategies employed by the attackers.
Below are some of the ways used by attackers to deploy ransomware:
- Phishing emails: This is by far the most common way to deploy ransomware. Emails are sent to unsuspecting users and appear to originate from a credible source, such as a boss, bank, relative or even a well-known organization. They carry a specific call to action, which is normally clicking on a link or navigating to a website.
- Malvertising: Attackers choose to hide their agenda in ads that run on legitimate websites such as betting websites. When users click on these ads, they are normally redirected to websites that download ransomware onto their machines which, nowadays, includes mobile devices.
- Software vulnerabilities: Software is normally legitimate and allowed on the system at the point of installation. When it is not updated or patched, it becomes a portal that attackers can use to gain access to the machine and the organization's network to deploy ransomware. It is important to keep ALL software updated to prevent this kind of attack.
- Remote Desktop Protocol (RDP) attacks: With COVID-19 came work from home, and with work from home came remote assistance through Remote Desktop Protocol (RDP). RDP attacks occur when attackers gain access to an organization's Remote Desktop Protocol service and use it to deploy ransomware. RDP attacks are becoming prevalent with the shift to remote work.
Steps to take for protection against ransomware attacks
- Regularly back up data: Always ensure you have a backup of all critical data, preferably at a different location or on another air-gapped network endpoint, that authorised individuals can readily access.
- Keep software up to date: As mentioned earlier, unpatched or out-of-date software could provide a way in for attackers. It is therefore key that software in use within the network is updated, and that software not in use is uninstalled to reduce the chances of dormant software being used as an attack vector.
- Use strong passwords: Passwords are normally one of the first tools in the line of defense against unauthorized access to systems. Passwords should be complex and unique and should be changed regularly. I personally encourage people to use sentences in their native language that cannot be brute forced by password-guessing engines.
- Train employees: Humans are the first line of defense for a network, and employees should be equipped with the relevant know-how to avoid actions that would lead to a ransomware attack. This includes how to identify a phishing email or text, or other tactics employed by cybercriminals.
- Deploy antivirus software: Antivirus software is like antibodies in humans, whose work is to fight pathogens that might cause diseases. A good antivirus can detect and remove malware from an organization's network. It is crucial to deploy antivirus software on all devices connected to the network.
In conclusion, ransomware attacks are a growing threat to organizations across the globe. Cybercriminals are becoming more sophisticated in their methods, making it essential for organizations to take steps to protect themselves against these attacks. By implementing the best practices outlined above, organizations can mitigate the risks of ransomware attacks and protect their critical data.