What is Ransomware? 

Ransomware attacks have become more impactful in recent years and unlike the broad targeting and opportunistic approach of earlier ransomware infections, modern attackers vary their attack patterns depending on their discoveries. Attackers use these weaknesses to elevate their privileges by stealing more valuable data leading to bigger pay-outs and no guarantee that they’ll leave their target environment once they’ve been paid. By definition, ransomware is malware designed to deny a user or organization access to files on their computer. The encryption of these files leads to attackers demanding monetary payment for the decryption key thus putting organizations in a position where paying the ransom is the easier and, in some cases, cheaper way to regain access to these files. Ransomware has become the most prominent type of malware and in Jamaica, we have seen several attacks recently. 

Recent Ransomware Attacks 

According to Checkpoint Research, the number of organizations impacted by ransomware globally has more than doubled in the first half of 2021 compared with 2020, and the healthcare and utilities industries are the most targeted. On March 14, 2020, The Jamaica National Group experienced a data security breach because of a cyber-attack on our systems through ransomware. On investigation, it was discovered that there was unauthorized access to their system which impacted operation. The attack affected the company’s members and customers, some of whom were unable to access their accounts however, no customer account was affected, as accounts are kept and protected by a separate system. In 2022 a similar incident took place on January 20, 2022, the Northern Caribbean University (NCU) experienced a ransomware attack. Byron Buckley, NCU’s head of corporate communications, revealed that the breach was not as catastrophic as the university had suspected. While the hackers did breach the system it was theorized that they did not access key data and that none of the important systems, such as accounting systems, had been significantly compromised. The University also stated that no ransom negotiations were entertained despite encryptions being placed on accounting and other files.  

3 Tips to Prevent Ransomware Attacks 

Ransomware is a simple type of malware despite being such a major threat to the cyber and data security of organizations. Once malware is present on a system it uses the functionality built into the computer’s operating system to access and encrypt files. These files then become impossible to retrieve without access to the decryption key given the modern encryption algorithms. So knowing this how can we prevent ransomware? 

• Robust Data Backup 
  • The purpose of ransomware is to force a victim to pay to regain access to encrypted files, but this is only effective if the organization lost data. A secured data backup is a clear-cut solution because this helps to minimize a potential ransomware attack to nothing. 

• Cyber Awareness Training 
  • Phishing emails have become one of the most popular ways for attackers to gain access to systems thus frequent security awareness training is needed to inform staff on how to protect the company’s data. 

• Strong User Authentication 
  • Enforcing a strong password policy, requiring the use of multi-factor authentication, and educating employees about phishing attacks designed to steal login credentials are all critical components of an organization’s cybersecurity strategy. This prevents attackers from easily guessing credentials and gaining access via Remote Desktop Protocols. 

So on this Friday 13th make sure you do your best to protect your organization and its files because you don’t want to step on a crack and let a hacker in that holds your bosses at ransom.