How to defend your business from ransomware and other attacks.

Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.

Accessed on 05 April 2022, 1955 UTC.

Content provided by email subscription to “PC Mag SecurityWatch.”


Please click link or scroll down to read your selections.

PCMag SecurityWatch
Ransomware Is on the Rise: 10 Steps for Defending Your Business
There’s an old joke that goes, “What kind of writing is most lucrative? A ransom note.” It’s funny because it’s true. 2021 saw a surge in ransomware attacks on businesses, and according to Unit 42, a security consulting team at Palo Alto Networks, the number of cyber extortion cases will likely grow in 2022.

As Threats Grow, So Do the PayoutsThe number and size of payments made by businesses and organizations to the perpetrators are also on the rise. Among the 2021 incident response cases (mostly involving US-based victims), the average ransom demanded was $2.2 million. This represents a 144% increase from the average demand of $900,000 in 2020. While those numbers are higher, Unit 42 also points out in its report that ransom payouts are still significantly less than initial ransom demands. The security team calculated that the actual average payments were just 42% of the initial ransom amount.To get more money, cybercriminal groups are now diversifying their skillsets. These organizations use multipronged attacks to threaten their victims into compliance. For example, they might issue warnings that they will release sensitive company data on dark web leak sites if the victim doesn’t pay up. You can’t argue with the results. The pressure prompts victims into making payments without the group even having to deploy ransomware. And it’s no bluff. Unit 42’s analysis in its 2022 Ransomware Report shows ransomware groups posted 85% more victim data on the dark web last year than in 2020.Meanwhile, as PCMag’s Michael Kan reports, ransomware software continues to menace organizations large and small. FBI officials say ransomware attacks hit U.S. critical infrastructure hundreds of times just last year. The main targets were in the financial services, healthcare, and information technology sectors. The FBI’s report says ransomware strains REvil, Lockbit 2.0, and Conti can all be traced back to hacking groups that have members suspected of operating out of Russia.

The Business of RansomwareAll of the above has led to a situation where enterprising threat actors work smarter, not harder. Unit 42 reports that criminal entrepreneurs now offer ransomware-as-a-service (RaaS) to like-minded ne’er-do-wells. RaaS works similarly to the software-as-a-service your business may use for its day-to-day functions. The RaaS group establishes agreements that set the terms for providing actual ransomware to affiliates in exchange for a monthly fee or a percentage of ransoms paid. RaaS lowers the barrier to entry for criminal wannabes and expands ransomware’s reach.

How to Prepare for a Ransomware AttackGrandma used to say, “A stitch in time saves nine.” In other words, bolster your defenses against a ransomware attack before it occurs. Unit 42 offers ten ways businesses can keep safe or at least minimize ransomware’s impact on their day-to-day operations.1. Stay educated and up to date on ransomware risks. Keep an eye on news concerning the latest threats (subscribing to SecurityWatch is a fine start). Make sure your ransomware protection software stays updated, too.2. Know what data you stand to lose. If you know what data is at risk for your company and where it’s all stored, you will know how to prioritize scheduling backups and investing in offsite storage.3. Make sure everyone you work with is focused on security. Third parties, partners, and supply chain elements could all introduce ransomware risks that could affect your company. Talk with anyone who accesses your data about their security plans.4. Review and test your incident response plan. Who will you call to get your computers back online during a ransomware attack? How much are you willing to pay to get your data back? How long can your business remain offline during a security incident? It’s important to create and regularly review an incident response plan to make sure you aren’t at the mercy of a ransomware group. 5. Implement a zero-trust strategy. Eliminate implicit trust. This means every authorization request and every session must be validated before a user can continue on the network. Validating at every stage of every digital interaction makes it harder for attackers to get in and wreak havoc.6. Identify your exposed assets. What’s on your social media feeds? What’s in your inbox? Any information about yourself and your business you make public is in danger of being exposed in a data breach or used as fodder for ransom attacks. Don’t get caught unawares. Protect your logins with complex, hard-to-guess passwords that you keep in a password manager’s encrypted vault.7. Identify and block potential threats. Keeping exploits, malware, and command-and-control traffic at bay takes away any easy targets from attackers.8. Learn how to automate your protection. Use tools such as antivirus protection that will detect ransomware threats early so you can respond and recover quickly. 9. Secure your cloud presence. To launch ransomware attacks in cloud environments in the future, criminals will probably use tactics we have yet to encounter. Prepare your business by using identity and access management software to secure cloud APIs.10. Reduce response time with retainers. Keep incident response experts on speed dial. They can help you create a budget for responding to a ransomware threat and thus take faster action to get you back in business faster.Get this email from a friend? Get it delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.

What Else Is Happening in the Security World This Week?Update Your iPhone Now: Apple Releases Patches for iOS, iPadOS, Mac Zero-Days. The flaws appear to have been actively exploited.Do You Really Need to Buy an Antivirus App or a VPN Anymore? Isn’t the built-in security on today’s PCs, phones, and tablets good enough? The answer depends on the OS you’re running.Despite Arrests, LAPSUS$ Hacking Group Strikes Again, Hitting IT Supplier. Software services firm Globant confirms it was hacked after the LAPSUS$ group dumps a 70GB archive allegedly stolen from the company.Viasat Hack Tied to Data-Wiping Malware Designed to Shut Down Modems. Security firm SentinelOne says malware known as AcidRain was likely used to take down Viasat’s satellite internet network during Russia’s invasion of Ukraine.CleanMyMac X Now Flags Russian, Belarusian Apps as ‘Suspicious’. What’s running on your Mac?

If you buy something from our links, we may get a commission from the sale. Learn more here.
New H&R Block Clients get 30% off Online Tax Filing
 Start for FREE
Who Cares About Online Privacy?
You read this newsletter every week, so you know that online privacy is important. How aware is everyone else? We have good news. As PCMag’s Carol Mangis writes, 90% of respondents in a recent SurfShark survey say they value online privacy. However, about a third of that 90% also said the quality of service was more important than security.Eighty-one percent of those surveyed want to know more about how their data is being used by big tech service providers. As always, I encourage you to read the privacy policies of the apps and software you use before you give up a lot of information.The study also found that many of the respondents use privacy tools such as antivirus, ad blockers, and password managers. Unfortunately, 12% of those surveyed don’t use privacy tools at all.Want to take control of your privacy but don’t know where to start? PCMag’s Eric Griffith writes about how to disappear from the internet.

How to Master Google Password Manager

Hackers Hit Email Marketing Firm Mailchimp to Target Crypto Users

What Is a Zero-Click Attack?

Russia Will Stop Using Western Software for Critical Infrastructure by 2025

Biden Admin May Roll Back Trump Policy on Military Cyber-Offensive Operations

Want more deals like these delivered to your inbox?
Echo Buds (2nd Gen) Wireless Active Noise-Cancelling Earbuds (2 Color Options) with Wired Charging Case
$119.99 $49.99

ASUS VivoBook Pro K3400 14″ OLED 2880×1800 NanoEdge Intel Core i5-11300H Laptop w/ 256GB SSD, 8GB RAM
$749.00 $619.00

400GB SanDisk Ultra UHS-I Class 10 microSDXC Memory Card with Adapter (Up to 120MB/s read speeds)
$69.99 $43.99

Just Released 2022 Apple iPad Air 10.9″ Liquid Retina Display 64GB Wi-Fi Tablet (Starlight Color) w/ Apple M1 Chip
$599.99 $569.99

MSI GeForce RTX 3070 Ti X Trio OC 8GB GDDR6X Graphics Card
$959.99 $819.99

All product and deal information such as discount, price and availability are believed to be accurate as of the time of publication. Please verify these details with the merchant site and check the merchant’s terms and conditions before you buy. Publisher is not responsible for errors or omissions.

For the latest cybersecurity news, information, and commentary, please check the blog sidebar, links, and twitter posts.  Thanks for joining us today.

Russ Roberts (machine learning, artificial intelligence, IoT, and information security)