How can I defend my organisation against Ransomware?

Over the past year, there has been a 13% rise in ransomware attacks (according to Mimecast’s The State of Email Security Report 2023); an increase which equates to the number of attacks in the the previous five years combined. And with an ever-evolving threat landscape, ransomware attacks are predicted to keep increasing.

We’ve spoken to our technical and information security experts about the steps every organisation can take to mitigate the risk.

What is ransomware?

Ransomware is a type of malware designed to encrypt a victim’s information, effectively holding it hostage until a ransom is paid. These days, most ransomware campaigns come from ‘Ransomware as a Service’ providers, in which someone technical will write the malware code, sell it on the dark web to a threat actor and, as with legitimate software, provide support to the hacker to make sure that the malware is utilised effectively.

While most ransomware attacks are cyber criminals, in rare cases, as with other types of cyber attacks, ransomware may be beyond reasonable affordable commercial controls to defend if the malware exploits zero day vulnerabilities and come from highly resourced state sponsored actors or foreign intelligence services.

How we can support your organisation to mitigate the ransomware threat

The best response to the ransomware threat is achieving a good balance between preventative measures that reduce the likelihood of a successful attack, and resilience/continuity measures that ensure that your organisation is positioned to withstand the ‘worst case’ scenario. Here’s what you can do:

• Educate your workforce - The majority of reported cyber attacks (around 90%) begin with a successful phishing campaign, so it is important to ensure your people are educated about the threat. A Phishing Vulnerability Assessment will provide your team with all the knowledge they’ll need to remain vigilant against phishing attempts.
• Assess your overall security maturity - Understanding how well your organisation is set up to handle cyber risks will help you prepare your defences.
• Assess your IT infrastructure and technical security measures - A configuration and build review, periodic vulnerability scanning, and penetration testing will help protect your networks from known attacks. By identifying weaknesses in configuration and patching, the exposed attack surface can be minimised, reducing the likelihood of a ransomware attack succeeding.
• Assess your supply chain security - While your organisation’s cyber security might be sufficient, cyber criminals may take advantage of suppliers with a weaker cyber security posture. They represent an exploitable ‘back door’ entry into your own IT infrastructure. This is particularly relevant if any of your suppliers have been given remote access to your network.
• Implement and test an incident response plan - An effective incident response plan will address many aspects of cyber risk and will play a major role in limiting the damage caused by a ransomware attack. Incident response planning will help you understand how well your organisation is positioned to act in response to a successful attack.

Are you prepared for a ransomware attack?

We have years of experience supporting our clients to protect themselves effectively from digital threats. Our technical and information security specialists are available to share their expertise with you, so let’s talk.