More than 4,000 Ransomware attacks occur every day worldwide. How to protect against this type of scam? “By using as many layers of protection as possible,” says Sébastien Paquette, a specialist in telecommunications and security solutions at Informatique ProContact, a company specializing in IT services.
Ransomware, malicious programs that “hijack” personal or business data until ransom is paid, have proliferated since 2012. According to data from Europol, an agency The number of victims of ransomware attacks in Europe has increased by 11.4% in just one year.
In 2016, the FBI even estimated that ransomware attacks were a billion-dollar market, and a video produced by Cisco shows the ease with which a hacker can perpetrate this type of fraud. “He does not need to have advanced computer skills to commit a cyber attack. It can also be tooled by a more experienced hacker, “concedes Mr. Paquette.
A barrier to ease
Although there is no software that can protect 100% of ransomware attacks, it is still possible to have some layers of protection that will make it more difficult for cybercriminals.
First of all, regular software and system updates are essential for optimal computer security. “Attacks, including those by ransomware, exploit vulnerabilities in the system that may have been caused by neglected updates, among other things. This was particularly the case during the Petya ransomware attack, “says Paquette.
Anti-spam, anti-virus and content filtering services, or the installation of a firewall are also recommended. “The vast majority of attacks occur when opening an email or visiting an infected website,” says Paquette. To increase the level of security, he suggests companies invest in specialized services that protect against attacks that can reach the company through different vectors that are email, browsing the web, but also tablets , smart phones, laptops and desktops. An organization that wants to minimize the risk of a cyberattack should have controls in place for these different attack vectors, in addition to setting up perimeter security devices. This will ultimately protect the company and its data centers, main data, headquarters and remote offices. “Cisco, for example, offers reliable security solutions that specifically target ransomware,” says the specialist.
In addition, Sébastien Paquette suggests that all these services be managed by an IT manager or a cybersecurity expert rather than by users. “Employees can disable the antivirus, whether by accident, to access malicious sites or to access a file,” he says. Rules must be established for the types of files allowed and which sites and content are banned by the organization, and of course remove users from workstations the right to make changes to security tools. In many cases, organizations are developing security solutions without worrying about users’ rights to bypass or even disable them. This leaves the door open to malicious or non-recommended sites, or allows files of dubious nature to upset the organization’s IT ecosystem. ”
Despite these precautions, in the event of an attack, it can be eradicated by resetting the mobile device or computer. On the other hand, all the data will be lost. “We suggest having backup and recovery procedures,” says Paquette. At ProContact IT, for example, a backup of company data is done every day at a fixed time. To increase the reliability of the backup, he advises using the 3-2-1 rule, three different backups: off-site backup, ideally in the cloud, and two backups on two different media. “This is one of the best practices in IT security,” he says.
Whose fault is it?
According to Sébastien Paquette, no one is safe from a ransomware attack. “It can happen to an employee, a boss, an IT manager or an expert,” he says. Just accidentally click on a fraudulent link in an email. ”
Especially as cyber criminals manage to write the same email messages sent by PayPal, Amazon, Apple, etc. “Everyone uses these platforms,” says the specialist. It is now difficult to distinguish between a fraudulent email and an authentic email … ”
For these reasons, more and more companies are running awareness campaigns internally. Cyber security experts are invited to meet employees and IT managers in all areas of the business. Whether in the business world, health or education, the watchword is given: vigilance can greatly reduce the risk of ransomware attacks.