As the world continues to adapt to the “new reality” of taking more and more business processes online, organisations across the world continue to grapple with ransomware attacks according to a new paper by Sophos Security, a Cybersecurity giant.
In a new survey by the company that covered 26 countries across the world, more than half of the respondents said that they have been targeted by a ransomware attack in the last year. No one is immune to attacks According to the research, hackers are targeting every type of company across all industries. So in short, no one is safe from ransomware attacks.
The survey also found that no region or country is immune from cyberattacks. Notably, 47 percent of the organisations that were attacked had fewer than 1000 employees while 53 percent of organisations attacked had more than 1000 organisations, meaning that the size of the organisation does not have a significant bearing on whether an organisation will be attacked or not.
Sector by sector breakdown of attacks
The media, leisure and entertainment sector was the most affected sector during the period under survey with 60 per cent of the respondents from the sector saying that their organisations have been targeted with malware attacks. The IT, technology and telecoms sector comes next with 56 per cent of the respondents saying that their organisations were attacked.
Respondents from the Energy, oil/gas and utilities sector came slightly behind the IT, technology, telecoms sector with 55 per cent of the respondents from the sector saying that their companies have been targeted with malware attacks. Fifty-four per cent of respondents that selected “others” as their industry stated that they have been affected by malware attacks.
Fifty per cent of businesses and professional services said that they have been targeted by malware attacks, while 49 per cent of construction and property companies were attacked. Forty-nine per cent of retail distribution and transport companies were attacked. Forty-eight per cent of financial services were attacked. Forty-six per cent of manufacturing and production companies were attacked; while 45 per cent of public sector organisations were attacked.
Stay ahead of the curve: How ransomware attacks work
Sophos says that there are established patterns on how ransomware attacks work. The cybersecurity company in the paper says that ransomware attacks usually happen in 7 steps. They list the steps that attackers use to include the following: Gaining entry; Escalating privileges; Attempt to disable/bypass security; Deploy payload; Spread ransomware; Leave a ransom note demanding payment for the files to be decrypted; Wait for the victim to contact them on their emails or the web.
File downloads/malicious email links and remote attacks are the leading sources of server-based attacks
There has been an upward trend in the number of server-based attacks in 2020. Although server-based attacks are more sophisticated and highly-targeted thereby requiring much more efforts on the side of the hackers, they are however riskier to organisations and represent more value to hackers. Serverbased attacks can cripple organisations as hackers usually demand multi-million dollar ransoms.
But how do these attacks happen in the first place?
According to the survey by Sophos, 29 per cent of the total respondents surveyed said that they experienced ransomware attacks on their servers after downloading a file or clicking a malicious link contained in an email message.
Twenty-one per cent of other respondents said that their organisations were remotely attacked by malicious elements. The other ways through which server-based attacks occur include via malicious email attachment with 16 per cent of the respondents saying that their organisation experienced that.
Nine per cent of respondents said that their companies experienced ransomware attacks via misconfigured public cloud instances, a further 9 per cent said their organisations were attacked via a Remote Desktop Protocol (RDP), while another 9 per cent said they were exposed to malware attacks through a supplier that works with their organisations.
Removable devices still pose a threat as well, as 7 per cent of the respondents noted that they were attacked via a USB or other removable devices. Thankfully, these kinds of attacks can be prevented if an organisation invests in an internet security solution. Most cybersecurity solutions have products that cater to this need.
Protecting yourself from cyberattacks
It is integral for businesses to protect themselves from ransomware and cyberattacks generally. Oluseyi Lala, a manager, IP planning and enterprise solutions at 9mobile Nigeria told Business A.M. that, “Coupled with the migration to fully digitized operations comes the menace of cyber-attacks, so it means as businesses think of going digital, they must factor all of the required security measures – device protection, anti-spam/ anti-bot, anti-DDoS attacks, privacy, data protection stuff, compliance with NDPR & all related issues,” he said.
- According to the paper by Sophos, organisations can protect themselves from cyberattacks in a few steps, including:
- Upgrading your IT security;
- Locking down remote access and management,
- and Segmenting your network