[2021 Issue 05] Ransomware - What is it & how Zyxel can help you avoid it?

zyxel_Lin

The third and fourth quarters of 2020 saw significant increase in several threat categories; New Ransomware, driven by Cryptodefense, grew in volume by 69% from Q3 to Q4.  - MacAfee Labs

 What is Ransomware?

• Ransomware is a type of malware (malicious software)   that prevents or limits users from accessing their system.

• Encrypted system/file is the typical way Ransomware achieves this.

• This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access back to their systems/data.

• In some cases, infection could occur through embedded URL over email or compromised websites with drive-by download techniques.

 The Damage Caused by Ransomware

According to a session at Gartner's Security & Risk Management Summit, the average cost of a ransomware attack payment by a midsized business Q1 2020 was $178,254.

Financial costs include the ransom payment and the costs to remediation of a network appliances. If an organization interruption is severe, the attack may results in revenue lost and potential brand damage. This attack could also lead to potential costs of 3rd party claims as a result of the data breach.

According to Coveware, the average days of downtime stayed relatively constant at 16.2 days in Q4 of 2019  whether you pay the ransom or try to restore from a backup. After the victim was forced to pay a ransom, the threat actor would not provide the tool needed, then it leads to no data recovery. If the victim received decryption tool, the files and servers would be damaged in the encryption process and this can infect data recovery rates.

5 Tips for Ransomware Prevention

1. Security Gateway Provides Comprehensive Protection

To maximize your protection against malware, including Ransomware

How USG FLEX can stop Ransomware

• Email Security stops malicious email
• URL Threat Filter stops user to open unsafe/malicious link (from email)
• IDP detects and stops Ransomware attempts to contact CC&C
• Anti-Malware protects user not to download malware-infected files
• SecuReporter find what kind of attacks are detected

(SecuReporter turns massive data of malware activity into clear data points in the dashboard.)

2. Backup regularly and always keep a recent backup copy off-site.

Always do a regular backup of your files and system OS and encrypt your backup. This way you don't have to worry about Ransomware threat because you could easily restore your files or system OS back very soon.

3. Patch, patch, patch…

Malware threat relies on software or application vulnerabilities (or bugs). When you apply security patches, you give the cybercriminals fewer options for infecting you with ransomware.

4. Be very careful about opening unsolicited attachments or clicking unfamiliar web link

Opening an attachment in the received email from unknown sources, or clicking on a sexy picture/image or a harmless advertisement could actually redirect you to a malicious web site and might install a malicious software.

5. Use Anti-Virus software on every clients

Install and keep anti-virus (AV) and personal firewall software up-to-date on your clients’ devices. Always check downloaded files because AV software could help keep your clients’ devices free of the most common malware.