Cybercriminals are taking advantage of the business disruptions caused by the global health crisis, particularly the sudden and dramatic rise in remote work. Ransomware incident response firm Coveware reports that the average enterprise ransomware payment increased to $111,605 in the first quarter of 2020, up 33% from the final quarter of 2019. This dramatic surge is due to cybercriminals increasingly attacking large enterprises with deep pockets.
Why do cybercriminals like ransomware?
Ransomware remains popular for two reasons. First, ransomware attacks require little technical expertise. Don’t know how to code? No problem; Dark Web marketplaces offer a wide selection of “ransomware-as-a-service” packages that nearly anyone can use to launch an attack right out of the box. Some “vendors” even offer free technical support, just like companies that sell legitimate software-as-a-service solutions.
Successful ransomware attacks also end with swift paydays compared to data breaches. A cybercriminal who steals data must first exfiltrate the information, then find a willing buyer. In a ransomware attack, the “buyer” is built in: the victim’s systems and data are held hostage until they either pay up or restore their systems some other way.
Paying up doesn’t mean you’ll get your data back
Unfortunately for victims, paying the ransom doesn’t mean they’ll get back into their systems, which is why cybersecurity experts and law enforcement professionals strongly advise against paying. GCN reports that about 20% of organizations that give in to ransom demands don’t get their data back.
However, thumbing your nose at a ransom also carries risk, as some cybercriminals have taken to publishing data stolen from non-payers on public websites. This happened to a UK-based medical research firm working on COVID-19 vaccine trials. According to ComputerWeekly, when Hammersmith Medicines Research refused to pay a ransom demand, cybercriminals published sensitive information belonging to trial volunteers, including proof of identification, their medical records, and a list of the vaccination studies in which they had participated.
Clearly, the best solution is to prevent ransomware from getting onto organizational networks in the first place.
Prevent ransomware attacks by securing your passwords
According to the Coveware report, the most common ransomware attack vector in Q1 2020 was compromised remote desktop protocol (RDP) credentials, which can be purchased on Dark Web marketplaces for as little as $20. The second most common attack vector was email phishing.
Since both methods involve obtaining legitimate passwords to gain access to company networks, robust password security goes a long way towards preventing ransomware attacks. Make sure your organization mandates and enforces a comprehensive password security policy that includes:
- Use strong, unique passwords for every online account and app
- Use multi-factor authentication (MFA) whenever possible
- Enforce role-based access control (RBAC) with least-privilege access
- Mandate the use of a password manager such as Keeper Business
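The first item in that policy, strong and unique passwords, is the one an administrator can actually test for. The following Python script is an added example, not code from the original post or from Keeper; it audits a constructed set of account credentials against an assumed minimum length, a constructed stand-in for a compromised-password list, the account name appearing in the password, and reuse of the same password across accounts (detected by comparing SHA-256 fingerprints rather than the plaintext). All account names, passwords and the length threshold are made up for the example.

```python
from __future__ import annotations

import hashlib

# Policy threshold assumed for this example; pick the value your own policy mandates.
MIN_LENGTH = 14

# Constructed stand-in for a breach corpus. In practice, check candidates against a
# real compromised-password dataset, ideally via a hashed or k-anonymity lookup.
COMPROMISED = {"Password123!", "Welcome2020!", "Summer2020!!"}


def check_password(account: str, password: str) -> list[str]:
    """Return the policy violations for one credential (an empty list means it passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if account.lower() in password.lower():
        problems.append("contains the account name")
    if password in COMPROMISED:
        problems.append("appears in compromised-password list")
    return problems


def fingerprint(password: str) -> str:
    """Hash the password so reuse can be spotted without keeping plaintext copies around."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def audit(accounts: dict[str, str]) -> dict[str, list[str]]:
    """Audit every account: per-password checks plus cross-account reuse detection."""
    report = {acct: check_password(acct, pw) for acct, pw in accounts.items()}

    # Group accounts by password fingerprint; any group larger than one is reuse.
    by_fingerprint: dict[str, list[str]] = {}
    for acct, pw in accounts.items():
        by_fingerprint.setdefault(fingerprint(pw), []).append(acct)
    for group in by_fingerprint.values():
        if len(group) > 1:
            for acct in group:
                others = ", ".join(a for a in group if a != acct)
                report[acct].append(f"reused by {others}")
    return report


# Constructed sample inventory (hypothetical accounts and passwords, not real data).
SAMPLE_ACCOUNTS = {
    "vpn-gateway": "Harbor!Lantern!Quartz7",    # strong on its own, but shared below
    "rdp-jump-host": "Harbor!Lantern!Quartz7",  # same password as the VPN gateway
    "email": "Password123!",                    # too short and known-compromised
    "admin-console": "admin-console2020",       # long enough, but contains the account name
}


if __name__ == "__main__":
    for acct, problems in audit(SAMPLE_ACCOUNTS).items():
        print(f"{acct}: {'OK' if not problems else '; '.join(problems)}")
```

The reuse check is the one a manual review most often misses: each of the two shared passwords passes every per-password test, yet a single compromised RDP credential would also open the VPN gateway. A password manager that generates a distinct secret per account removes that class of finding entirely.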
Keeper’s business password management solutions give IT administrators complete visibility into employee login credentials, enabling them to monitor and control password use among both on-site and remote employees, and enforce policies such as strong passwords, RBAC, and 2FA. Keeper is affordable, easy to set up and manage, and offers enterprise-level protection that scales with your business, making it an ideal solution for organizations of all sizes.
If you would like to find out more about how Keeper can help your business prevent ransomware attacks, data breaches, and other password-related cyberattacks, sign up for our 14-day trial now.