The TSL
Blog

Cyber Security - Ransomware

By Paul-Michael Gransaull
Marketing Officer
April 29, 2022
Cyber Security - Ransomware main image

As the digital economy expands, the world has become more dependent on electronic transactions in our daily lives. However, with this convenience and speed of business also comes the threat of cyberattacks which are becoming more prevalent than ever before. February 2022 is now on record for the highest reported number of digital malicious attacks, over 120,000,000! The question every organization should be asking themselves whether private, public, small or large, is “are we resilient against a cyberattack and what is our response plan if it were to happen?”

It’s hard to turn on the news these days and not hear of a cyberattack taking place somewhere in the world but also increasingly, right here in Trinidad and Tobago. Of these cyberattacks, one of the more pervasive is Ransomware, malware created to stop access to files on an enterprise system. Most commonly, this type of attack encrypts the victim’s data and renders it inaccessible until a ransom is paid, but can also include theft of this data as well. Ransomware became known in 2017 via one of its more notorious variants known as “Wannacry”, the emotion evoked by the victim upon discovering the attack and the sudden the inability to access their data.

Ransomware attacks grew in prominence during the Covid 19 pandemic where the trend of offsite connectivity grew in popularity as more people took to working out of office from their homes. As the need to access company data outside of the corporate network increased, so too did the opportunity for malicious actors to find backdoors into private networks. In 2020 alone there was a 50% rise in ransomware from Q1 to Q3 and it was discovered that many businesses did not have sufficient cybersecurity solutions in place. And even for those organizations that may have invested in some form of cybersecurity, only a fraction of them are regularly updating and testing their business continuity plans.

Malicious actors most commonly circumvent an organization’s defense via phishing email campaigns. Phishing attacks typically appear to originate from a trusted source or its content seem relevant to the intended audience, often featuring an attachment to download or a link to click on. If one performs either action, the attack is initiated. Once in, the attacker can upload malware directly onto the company network. Very often hackers can be in their victim’s environment for months, laying the foundation for a ransomware attack having accessed and encrypted both production and backup environments, ensuring their hooks are too deep for the customer to mitigate the attack without paying the ransom.

Protecting against the omnipresent nature of cyber-attacks is a daunting task with a broad surface area to cover. Best practices should be followed including education and awareness for the users in your organization. Since most ransomware is spread via the aforementioned phishing attacks, training your workforce on how to identify the difference between an actual email and a phishing email would be an effective first step. Automating and regularly testing backups is another best practice to follow. Frequent software updates also go a long way in keeping the enterprise safe from cyber-attacks as software patches are issued regularly, improving software functionality and cyber defense. Another best practice to add to your arsenal of defenses is the strengthening of user authentication through tools like Privileged Access Management and Multi Factor Authentication making it more difficult to steal or guess a user’s credentials.

Through our partnership with best in class security solution providers like Checkpoint and Hitachi Systems Security, TSL is able to offer an array of solutions to protect your enterprise and in the unfortunate event of an actual attack, Incident Response and Threat Mitigation Services. For more information and to learn how you can access a free Cyber Security Check Up please email us at staysecure@thetslgroup.com today!