PayThink

Ransomware attacks are more mob shakedown and computer hack

Register now

I remember when "ransomware" wasn’t even in the lexicon. Today, from a medical center in Wyoming to the city of Johannesburg, this form of crime dominates the headlines. And while attacks on small and mid-sized cities get all the buzz, many companies and their partners suffer too.

Firms that offer services such as cloud-based order-to-cash solutions can be disrupted with a single piece of malware can cause havoc. But if we’re to fight against these attacks, let’s see them for what they really are, not software with a twist. It’s extortion, oppression, a shakedown, a racket, mob rule. Seen in that light, it gets easier to understand that the only solution to ransomware is to not pay the ransom.

Let’s start with the noblest reason: By paying off the bad guys, we normalize crime. Moreover, at best, there’s no guarantee these shadowy enterprises will release whatever hold they have on the victims; at worst, they’ll use their ‘earnings’ to pursue other targets. When crime pays, there’s more crime. And since these attackers frequently want to be paid in cryptocurrency, these illicit payments contribute to, and are vulnerable to, massive swings in value.

Let’s also understand that the cyber-criminals do what they do with a business mindset—their preferred targets represent low-hanging fruit, organizations that don’t have strong security. Getting the basics right can keep out attackers looking for easy pickings. The best strategies combine people (education), process (response) and technology (protection), creating a layered approach to security defense.

Here are some tips for fighting off ransomware and other cyberattacks. Don’t open attachments or click on links unless you know they’re from a legitimate source, and build this into your workforce education and training. Keep up to date with system patches and current versions of malware protection Monitor the DNS like it’s the battlefield: This is where requests are made before and during a ransomware attack, and it offers a chance to intercept malicious activity before it causes damage. Develop and maintain an incident response plan: Even if the ransomware attack gets through, focus on minimizing the damage. Keep backups to resume business operation as quickly as possible

If all this sounds like common sense...it is. But for all its simplicity, a layered approach is vital during a ransomware attack because multiple protections have to fail for an attack to work. Facing too many barriers, the attackers will back off.

For reprint and licensing requests for this article, click here.