Today any enterprise, big or small, is vulnerable to ransomware attack. The possibility of a it depends upon how attractive and important data your organization possess. Also, it is important how quickly you respond to any ransom demand. It is very critical on how vigorously enterprises keep their employees trained about phishing emails and other security factors.
With most of the security organizations stating that ransomware is the “biggest threat of our time,” it’s been very important to protect the respective organizations. What it seems to be the conventional sectors of ransomware targets, can surprise you with an attack in unconventional or unexpected way. Thus taking serious means to protect data should be the best practice for any organization irrespective of size and industry.
Ransomware attack targets top sectors
In today’s scenario, there are several sectors where ransomware attack is speculated. Some of them are discussed below:
The number of ransomware attacks have doubled in academic organizations, especially colleges and universities. In fact, a study from BitSight Insights showed educational sector as the top target, with at least 1 in 10 institutions experiencing a ransomware attack. The obvious reasons behind choosing this sector are small/ no IT teams, budget constraints and too much of network file sharing. These organizations are so vulnerable to cyber attacks because of the social security number of the students and financial data of the teachers, professors or even non-teaching staffs. In a recent instance during June 2017, University College London became a major ransomware victim with the shared drives and student management system being compromised.
The incidents of ransomware attacks in Government sector have tripled from 2015 to the end of 2016, making it a prime target for the hackers. A recent incident in May 2017 saw more than 120 computers linked to the Gujarat State Wide Area Network (GSWAN) were affected by WannaCry ransomware. The government organizations, specially data centers are targeted mostly because of the services offered like police protection, important identity details (like PAN No., Aadhar No. etc.) or financial details from Government authorized banks and insurance companies. Thus the hackers are always eager to keep their eyes on this sector.
Health care, energy/ utilities
Today, ransomware attack can cancel X-ray sessions, postpone operation appointments, disrupt MRI scanner or even stop ECG tests. Thus hospitals are forced to take immediate action so that medical treatment is not delayed and patients’ data is kept safe. One such incident was the Hollywood Presbyterian Medical Center, which paid a ransom amount of $17,000 in 2016 to hackers who had locked some of the hospital’s critical data. Recently, United Kingdom’s National Health Service (NHS) was affected by WannaCry attack in May 2017. The hackers normally pose as job applicants, expecting HR people to open their emails and they successfully spread the ransomware at ease.
In 2016, almost 19% of the total ransomware attacks happened in retail sector, which is almost 167 times higher than 2015. The hackers know that a minute of downtime can cost millions to these retail organizations. Thus, they execute DOS (denial of service) attacks during key hours to demand hefty ransoms. They either threaten operations person or target customers’ financial data. This information flows in abundance across the retail organization network.
The motif for any data breach involves monetary benefits, thus banks become the most obvious targets for cyber criminals inspite of those organizations spending hefty amounts on security measures. Although we are yet to observe a ransomware attack on banking infrastructure, however the infamous Bangladesh bank heist in 2016 is the most relevant example to showcase the need for stringent security measures. The incident created ripples among security personals of most of the International banks worldwide and forced them to re-evaluate the security of the respective banking infrastructure.
Emerging ransomware threats
Any organization that has critical data is always a prime target for ransomware attack. The extent of sensitivity of the data influences the chances of attack. The advanced variant of ransomware won’t just hold the data back but also threaten the victim to publish the data online if the ransom is not paid. Law firms, technology companies, financial firms (both Govt. & non-Govt.) are attractive targets in this scenario. The companies mostly end up paying the ransom because they can not afford to leak their data under any circumstances.
Not only that, the hackers might even block the victim’s ability to access the data and put it for sale to the online bidders. The amount of pressure created on the victims citing the advantage of numerous competitors in the industry forces the victims to pay heed to the culprit’s demands.
Minimize ransomware threats
Almost 93% phishing emails are ransomware, which continue to be one of the most common medium of attack. Thus email scanning rules should be kept updated regularly and the employees should be trained with adequate security measures. Identification of suspicious emails and links is highly important.
Admin credentials are another factors for network security. If any employee has access to the sensitive official network, like admin credentials, and forgets to log out at any given point, then ransomware will have an easier access to the important files.
As always said, regular updates of the patches of eScan’s anti ransomware is crucial. It keeps an eye on the business network and endpoints continuously. The system encounters any suspicious activity, it alerts the user/ employee for an immediate action and prevents any further damage.
Well-protected back-ups in any scenario of ransomware attack can help big. Most of the organizations end up loosing big chunk of critical data or pay the ransom amount, which does nothing but encourages more ransomware attacks.