Ransomware is Still a Blight on Business

Ransomware is Still a Blight on Business

Trends come and go with alarming regularity in cybersecurity. Yet a persistent menace over the past few years has been ransomware. Now mainly targeting organizations rather than consumers, and with increasingly sophisticated tools and tactics at their disposal, the cybercriminals behind these campaigns have been turning up the heat during the COVID-19 pandemic. That’s why we need industry partnerships like No More Ransom.

Celebrating its fourth anniversary this week, the initiative has helped over four million victims fight the scourge of ransomware, saving hundreds of millions of dollars in the process. At Trend Micro, we’re proud to have played a major part, helping to decrypt over 77 million files for victims.

Not going anywhere

Ransomware has been with us for years, but only really hit the mainstream after the global WannaCry and NotPetya incidents of 2017. Unfortunately, that was just the start. Today, no sector is safe. We saw attacks rage across US municipalities, school districts and hospitals in 2019. Most recently, a major outage at a connected technology giant impacted everything from consumer fitness trackers to on-board flight systems.

Such attacks can hit victim organizations hard. There are serious reputational and financial repercussions from major service outages, and the stakes have been raised even further as attackers now often steal data before encrypting victims’ files. A recent incident at a US cloud computing provider has led to data compromise at over 20 universities and charities in the UK and North America, for example. A separate ransomware attack on a managed service provider earlier this year may cost it up to $70m.

The bad guys have shown no sign of slowing down during the pandemic — quite the reverse. Even as hospitals have been battling to save the lives of patients battling COVID-19, they’ve been targeted by ransomware designed to lock mission-critical systems.

No More Ransom

That’s why we need to celebrate public-private partnerships like No More Ransom, which provides helpful advice for victims and a free decryption tool repository. Over the past four years it has helped 4.2 million visitors from 188 countries, preventing an estimated $632 million in ransom demands finding its way into the pockets of cyber-criminals.

At Trend Micro, we’re proud to have been an associate partner from the very start, contributing our own decryption tools to the scores available today to unlock 140 separate ransomware types. Since the start of No More Ransom, Trend Micro tools have been downloaded nearly half a million times, helping over 50,000 victims globally to decrypt more than 77 million files. We simply can’t put a price on this kind of intervention.

Yet while the initiative is a vital response to the continued threat posed by ransomware, it is not all we can do. To truly beat this menace, we need to educate organizations all over the planet to improve their resilience to such malware threats. That means taking simple steps such as:

  • Backing up regularly, according to best practice 3-2-1 policy
  • Installing effective AV from a trusted vendor, featuring behavior monitoring, app whitelisting and web reputation
  • Training staff how to better spot phishing attacks
  • Ensuring software and systems are always on the latest version
  • Protecting the enterprise across endpoint, hybrid cloud, network and email/web gateways

I’m also speaking on a panel today hosted by the U.S. Chamber of Commerce on NotPetya and general ransomware attack trends related to the pandemic. Join us to learn more about ransomware from law enforcement agencies, policy makers and businesses.

If your organization has been impacted by ransomware, check the resources available on https://www.nomoreransom.org/ for advice and access to the free decryption tool repository.