Ransomware continues to hinder enterprises with targeted attacks using a myriad of techniques, including 2020’s most common approach of double extortion. Organisations need to stay alert and ahead of attacks to avoid financial losses, workflow disruptions, and damage to their reputation. This article uses case studies to take a deeper look at the ransomware variants of 2020 and provides insight on how cybersecurity leaders can mitigate future attacks.
Trends and themes of ransomware in 2020
With continued growth and attack evolution, enterprises should remain vigilant against the ongoing threat of ransomware. Trend Micro observed the increase of new ransomware families and a narrower focus on targeted attacks toward high-value assets and vulnerable industries. With the global pandemic, it’s unsurprising that cybercriminals upped their focus on the healthcare industry, which accounted for 14% of all ransomware attacks.
Double extortion was a common ransomware theme due to a significant focus on data breaches of valuable organisations. Cybercriminals expanded their tactics by not only denying access to the compromised files but also threatening to expose the sensitive data unless a ransom was paid. This is a major concern for enterprises, as they have much at risk—from a financial, regulatory, and image perspective.
What can CISOs do?
As ransomware attacks evolve, so should an enterprise’s prevention methods—especially as the workforce environment has shifted from the office to working from home. The new remote set ups have opened up additional security challenges, which require a holistic approach from organisations to secure the growing cloud network and maintain work-from-home (WFH) best practices.
Here are some of Trend Micro’s key recommendations to enhance WFH security and enable your enterprise to deal with the threat of ransomware:
- Regularly back up files
- Limit access to shared/network drives and turn off file sharing
- Employ secure authentication strategies
- Disable local admin accounts
- Update and patch regularly
- Enforce the principle of least privilege
- Enforce application control
Although ransomware is growing in complexity, the most effective defence is simplifying your cybersecurity approach. Enterprises using multiple products and vendors can feel overwhelmed and may be limiting their threat visibility—using more integrated offerings results in better visibility, detection, and response.
Take a deeper dive into the ransomware trends from 2020 and learn about mitigation methods that can enable resilience within your organisation: The State of Ransomware: 2020’s Catch-22.