How it works
Networks (internet) are not secure enough due to the lack of efficient cybersecurity. As a result, ransomware attacks are increasing, affecting most businesses and individuals today. Enacting measures to detect cyberattacks and ransomware attacks can be helpful in preventing unforeseen repercussions from the attacker in the corporate network. Cybersecurity needs to implement new policies and recommendations so that ransomware attacks can be reduced. This report will first discuss some ransomware attacks that have happened before. Next, the report will discuss who is affected by ransomware attacks, and finally, the report will discuss how ransomware attacks can be reduced.
Earlier this year, Microsoft was affected by what has been called the “biggest ransomware outbreak in history”. By exploiting a bug in unpatched Microsoft operating systems, this global cyberattack infected more than 300,000 computers in 150 countries. Hackers spread the ransomware, known as WannaCry, by using phishing techniques through email. Users would receive emails that tricked them into opening attachments that released malware into their systems. Once their computers had been affected, the ransomware would literally take their files for ransom, locking them up and encrypting them, and demanding payment of bitcoins to regain access to their files. Although users were told they would regain access to their files following payment, many did not regain access and were continuously told to pay more and more for the “ransom”.
How it works
In order for this attack to be staved off or reduced, cybersecurity needs to implement new policies and recommendations. One such policy is authentication techniques; this is an important policy commonly employed in most corporate networks to protect against similar attacks like ransomware. This provides for the use of two-way authentication, key management and automated management of keys. The techniques offer the ability to encrypt and decrypt without the use of a centralized file protection or critical management system. Although this policy has been employed in the company to protect against attacks, more research is being carried out to reinforce these techniques.
Another policy that needs to be implemented is the patch or software update. Apparently, ransomware creators mostly rely on users running on outdated software with known vulnerabilities, which are easily exploited to penetrate the corporate network. Installing updates helps manage and fix vulnerabilities which are quickly exploited to install ransomware. In fact, research shows that leaving just a single computer in an environment where the latest patch is not installed can threaten the stability of the whole environment and perhaps impede standard functionality. Possibly the biggest lesson consumers learned from this cyberattack was the importance of regularly updating their systems to protect their equipment, as well as remaining vigilant and alert when it comes to suspicious emails and notifications from both familiar and unfamiliar senders.
- Fuscaldo, Donna. “Microsoft Brand ‘Largely Unscathed’ By WannaCry Attack: Report.” Investopedia. May 26, 2017. Accessed November 04, 2018. http://www.investopedia.com/news/microsoft-brand-largely-unscathed-wannacry-attack-report-msft/.
- Mah, Paul. “8 Ways to Fend off Spyware, Malware and Ransomware.” CIO. September 16, 2015. Accessed November 04, 2018. https://www.cio.com/article/2984382/online-security/8-ways-to-fend-off-spyware-malware-and-ransomware.html.
- Musthaler, Linda. “How to Prevent Ransomware.” Network World. April 28, 2016. Accessed November 04, 2018. https://www.networkworld.com/article/3062901/security/with-some-advanced-preparation-you-can-survive-a-ransomware-attack.html.