News Alert:

Avoid AED 10,000 penalty by registering for Corporate Tax today!

Insights

Are you prepared for a Ransomware Attack?

June 07, 2022

Ransomware attacks on businesses are on the rise around the world. While ransomware impact all businesses,  they hit small businesses especially hard. It is critically important for companies to stay informed and to invest in effective cybersecurity. This piece looks at what ransomware is, the different malicious forms it takes, and what you must do as a business to stay secure. 

As a recent cyberattack on the Indian airline SpiceJet which impacted an entire morning’s departure schedule before its IT team rectified the situation shows us, ransomware can threaten even the largest organization. No business is immune.

Organizations hit by ransomware attacks can suffer several types of losses such as:

  • Irrecoverable loss of sensitive customer or financial data
  • Ransom payments
  • Post-attack recovery costs
  • Loss of customers as well as of customer faith and goodwill

Small and Mid-size Businesses, or SMBs, however, are especially vulnerable to and more severely hurt by these attacks. Research from IT security firm Infrascale reports that 46% of SMBs have been hit by ransomware attacks,  and that 73% of these have paid ransom.

What is Ransomware?

Ransomware is a type of malware that blocks access to files or encrypts files until the victims pays a ransom under the perpetrator’s threat of data leaks and access blockage. More and more organizations have been victims of such attacks and have had to pay hefty ransom amounts in the recent past.

Different Types of Ransomware

Crypto ransomware or encryptors: These are some of the most well known and damaging variants. This type encrypts files and data within a system, making the content inaccessible without a decryption key.

Lockers: These lock out users from their systems making their files and applications inaccessible. A locked screen displays the ransom demand, often with a countdown clock to drive the victim to comply urgency.

Scareware: A fake software that claims to have detected a virus or other issues on the computer and directs the users to pay to resolve the problem. Some scareware lock the computer while others simply flood the screen with pop-up alerts without damaging files.

Doxware or Leakware:  Threatens to distribute sensitive personal or company information online. One variation of this claims to be a law enforcement software and demands payment of a fine to avoid jail time for illegal online activity it claims to have detected.

RaaS (Ransomware as a Service): Malware hosted anonymously by a “pro” hacker that, in return for a cut of the loot, handles everything from distributing ransomware to collecting payments and restoring access

Top 5 Ransomware Attacks

WannaCry: Detected on 12th May 2017, it changed cybersecurity forever. WannaCry hit over 300 organizations spread across 150 countries. Total cost is estimated at over $4 billion.

Ryuk:  An encryption Trojan ransomware spread in the summer of 2018 that froze the recovery functions on Windows OS. This made it impossible to restore encrypted data without an external back-up. The total damage is estimated at over $650,000.

Sodinokibi (REvil): First appearing in 2019, it is characterised by its advanced evasion capacity and the measures it takes to avoid detection. Attackers hacked Quanta, a Taiwan-based MacBooks manufacturer, and demanded $50 million for the encryption key.

SamSam: Detected in late 2015, it has since expanded substantially. It uses security vulnerabilities to access the victim’s network; alternatively, it uses brute force tactics on weak passwords. The ransoms demanded are much higher than average, recently climbing to $6 million.

NotPetya: Detected June 2017 in Ukraine, it quickly spread across Europe hitting several banks, airports, power companies, and many others. This ransomware cost an estimated $10 million in damages.

Protecting Your Business from Ransomware

Short Term Long Term
Take regular backups of all critical and sensitive data Test and further enhance the robustness of established cyber resilience, including response to phishing and ransomware
Update Operating Systems regularly Perform cyber-risk assessments and revisit the cyber security strategy
Make a strong password policy Implement best practices and information security frameworks
Install Anti-virus and Anti-ransomware software and keep them updated. Implement Business Continuity Management
Keep other system files (like browser files, Java, Adobe Acrobat, etc.) up to date
 

Winning With MBG’s Ransomware Security Solutions

At MBG our expert team assess an organization’s tools, procedures, and overall security. Our team is experienced in vulnerability assessments and penetration testing of networks and network devices, web applications, mobile applications and cloud services and applications. Our expertise in malware analysis and threat hunting ensures all resources are checked and tested for any type of ransomware attack.

This vulnerability assessment and penetration testing is then followed by detailed reports for corrective action. These reports list all identified vulnerabilities and recommended countermeasures to ensure maximal security.

Contact us to learn more and to boost your cybersecurity by the best advisory in the market!

Madan Mohan

Director | Cybersecurity Risk & Governance

[email protected]

+971 4 580 8003


What can we help you achieve?

Stay one step ahead in a rapidly changing world and build a sustainable future with us.

Get a quote
Open chat
Hello
Can we help you?