Encryption experts offer critical steps to fight ransomware

A new whitepaper to help businesses adopt more robust measures in the fight against ransomware has been published by iStorage, hardware encrypted portable data storage and cloud encryption solutions company. With an alarming rise in the sophistication and frequency of ransomware attacks expected in 2023, businesses of all sizes need to urgently familiarise themselves with the necessary steps to fortify their security posture.

Ransomware is expected to move into the mainstream with cyber criminals getting bolder, as Ransomware-as-a-Service (RaaS) - which sees ransomware authors offering clients off-the-shelf malware variants, expertise from the cybercrime community and databases full of credentials - puts the means to implement an attack into the hands of many more prospective perpetrators from the lone wolf to state-sponsored hacktivist groups.

CEO of iStorage, John Michael, explains: “Put simply, 2023 will see the coming together of the means, motive and opportunity when it comes to executing ransomware attacks. The growing social unease and tense geo-political relations that may cause grievances, the lucrative gains to be made, and now easy access to ransomware technology are a toxic combination that should be a cause for concern for cyber security and IT professionals.”

A single ransomware attack can net perpetrators millions of dollars, with recent attacks demanding upwards of US$70 million and cybercrime itself costing organisations $6 trillion per year in global damages. The European Union Agency for Cybersecurity, ENISA, says ransomware now “ranks as a prime threat” in the cybersecurity landscape.

Businesses across the UK could quickly find themselves in the firing line if defences are weak and left vulnerable. They need to recognise the characteristics of an attack through a better understanding of the evolving threat vectors, improved security policy and a dynamic incident response plan to reduce impact. Urgent action will be needed to stave off business downtime, financial loss and reputational damage.

Malware authors are flush with more directions of attack – and potential vulnerabilities lurking in a wider range of easily-accessed systems – than ever before. Ransomware spreads through various means, including phishing emails with malicious links or attachments, portable computers, exposure to public Wi-Fi, and Zero-Day vulnerabilities. Malicious threat actors are moving from simply locking down data to employing double and triple extortion tactics, whereby they intend to steal, threaten to share that information, and also make ransom demands against a business’s third-party clients.

Phishing attacks are also becoming more complex as technology evolves. For example, Spear phishing - crafting targeted attacks on individuals by aping high-level employees - can now be automated via AI to generate conversion rates of up to 80%. AI has been used to emulate the voices of CEOs making phone-based phishing (known as vishing) truly effective. And as the power of AI grows, such deep fakes will infiltrate video calls too.

John Michael elaborates, “The richest prizes have come from those with the highest level of access, and hackers now perform detailed reconnaissance on key targets. It has never been more imperative, therefore, to adopt a never trust and always verify stance with regards to access permissions. Firmly locking down access to an organisation’s data requires implementation of a Zero Trust strategy, with consistent encryption and a stringent backup policy. By doing nothing and assuming that an attack is something that will happen to other businesses will mean the situation becomes far worse in 2023.”

Taking a Zero Trust approach minimises the possibility of an IT infrastructure attack by removing any implicit trust. Every device, user, platform, tool or vendor must clearly demonstrate its security credentials. Employees must be trained to understand this, and a workplace culture must be built around cyber hygiene and resilience.