It’s somewhat ironic that as we are facing a global pandemic in the form of COVID-19, another threat is spreading like wildfire – and I don’t mean the flu. Malware, and more specifically ransomware, attacks have been increasing and spreading similar to the virus we’re facing today. However, ransomware is not new. It’s been around for roughly a decade causing mayhem and financial losses for people and organizations alike.
Having been in the IT space for a little more than that, I’ve seen both the harm and the security advances made in order to combat this threat. Despite its tenure ransomware hasn’t ceased, but instead has become more sophisticated. With this evolution, people, governments, and other organizations who have previously thought themselves safe are now finding themselves targets or victims of these malicious attacks.
Ransomware is malicious software (malware) used to block you from accessing your own data. This is usually in the form of encryption or other methods of file locking. The data is then held it for “ransom” – hence the name.
Ransomware is probably most known for infiltration through e-mail attachments and software vulnerabilities. While State and Local governments are typically high visibility targets, other industries such as health care and transportation have also been notable targets. According to the FBI, attempts to compromise patient information within hospital systems have increased due to the perceived profit that impact would have during the current spike in nationwide COVID-19 cases.
However, it’s not just health care that’s being hit hard. In the current telework or “WFH” climate there has been an increase in fraud, business e-mail compromising, and more across the board. The FBI has reported a 400% increase in the number of cyberattack complaints during this period alone.
As Microsoft 365 continues to grow in adoption across many sectors, it is only natural that it would be a source of attacks. According to Microsoft, they saw an increase in identity-based attacks on enterprise accounts during the first half of 2020.
Microsoft has taken the threat of malware and phishing attacks very seriously and has formed a Digital Crimes Unit (DCU) to help combat this ever-increasing threat. As such, they were able to disrupt one of the most infamous botnets in the world. Read more about this here.
While Microsoft and others are taking a hard stance to increase threat protection and mitigate successful attacks, there is still very much a human element that needs to be accounted for.
How Can You Protect Yourself?
Malware and other malicious cyber-attacks leverage a combination of brute force and social engineering attacks in order to increase their success rate. While large service providers such as Microsoft can help provide a level of security against brute force attacks, socially engineered attacks use current events (e.g. COVID-19) or other means to trick individuals into divulging sensitive information or downloading ransomware and forcing both the individual and the organization into a compromising position. In some cases, by paying the ransom the organization risks a fine from the government, further adding to the impact of the problem.
As there are several tools and methods to protect the systems, here are a few ways to protect yourself and your employees:
Knowledge is power, and that goes for understanding ransomware and cyber-attacks as well. Understanding the typical methods by which these attacks happen and what to do in those scenarios is pivotal in protecting individual and organizational data.
Use Secure Networks
In the days of teleworking, it is not uncommon for an individual to leverage multiple devices to work in multiple locations. Checking e-mail while grocery shopping or finishing up some work while waiting at the car-service center are all regular scenarios. Additionally, most of these public locations offer free unsecure Wi-Fi to make up for possibly poor signals.
This scenario makes it possible for data to be intercepted, including personal information, log-in credentials, or general data that can be used in a social engineering attack. Leverage a secure network or Virtual Private Network (VPN) to help protect these data transmissions when possible, but note that doing so won’t necessarily prevent malware or similar attacks.
Update Your Software
Operating systems and web browsers perform frequent updates that tend to provide functionality enhancements and security updates. As cybercrime is an ever-evolving threat, the means to prevent exploitation evolves as well. This means that the more up-to-date your system is, the harder it is for your system to be exploited for vulnerabilities.
Malware, ransomware, and the like have been a common occurrence in the tech industry for years. With the recent surge of telework from the 2018-2019 time frame—including a drastic increase in 2020—individuals who have previously never considered this an issue may be finding themselves the victim of an attack or an attempt, and that can be rather alarming. The previous security of being able to leverage a work machine hooked into the office network and taken care of by the IT team is now not the norm and we all have to adjust.
It’s comforting to see the steps that technology leaders like Microsoft are taking in an attempt to secure their platform. Microsoft 365 is a platform that’s instrumental for many businesses to handle their day-to-day activities, and because of its utilization it’s also a platform subject to ever-increasing attempts to compromise its users’ data.
As seen by Microsoft’s Digital Defense Report, there is no shortage of research and analytics directed towards staying ahead of these looming threats; however, it’s not just up to Microsoft or our respective employers. Much of the defense against these attacks starts with us as individuals. By arming ourselves with the knowledge of what to expect and key, fundamental do’s and don’ts, we can be the front-line of defense against malicious attacks.