LASAMBUS deploys geo-location tech
VISUAL EARTH, A DIGITAL STRATEGY and service experience firm in the UK is partnering with the Lagos State Ambulance Services to deliver a more accurate location-based service for the Lagos State first responder service ....
AS THE WORLD CONTINUES TO adapt to the “new reality” of taking more and more business processes online, organisations across the world continue to grapple with ransomware attacks according to a new paper by Sophos Security, a Cybersecurity giant.
In a new survey by the company that covered 26 countries across the world, more than half of the respondents said that they have been targeted by a ransomware attack in the last year.
No one is immune to attacks
According to the research, hackers are targeting every type of company across all industries. So in short, no one is safe from ransomware attacks.
The survey also found that no region or country is immune from cyberattacks.
Notably, 47 percent of the organisations that were attacked had fewer than 1000 employees while 53 percent of organisations attacked had more than 1000 organisations, meaning that the size of the organisation does not have a significant bearing on whether an organisation will be attacked or not.
Sector by sector breakdown of attacks
The media, leisure and entertainment sector was the most affected sector during the period under survey with 60 percent of the respondents from the sector saying that their organisations have been targeted with malware attacks. The IT, technology and telecoms sector comes next with 56 percent of the respondents saying that their organisations were attacked. Respondents from the Energy, oil/gas and utilities sector came slightly behind the IT, technology, telecoms sector with 55 percent of the respondents from the sector saying that their companies have been targeted with malware attacks.
Fifty-four percent of respondents that selected “others” as their industry stated that they have been affected by malware attacks. Fifty percent of businesses and professional services said that they have been targeted by malware attacks, while 49 percent of construction and property companies were attacked. Forty-nine percent of retail distribution and transport companies were attacked. Forty-eight percent of financial services were attacked. Forty-six percent of manufacturing and production companies were attacked; while 45 percent of public sector organisations were attacked.
Stay ahead of the curve: How ransomware attacks work
Sophos says that there are established patterns on how ransomware attacks work. The cybersecurity company in the paper says that ransomware attacks usually happen in 7 steps. They list the steps that attackers use to include the following:
# Gaining entry; Escalating privileges; Attempt to disable/bypass security; Deploy payload; Spread ransomware; Leave a ransom note demanding payment for the files to be decrypted; Wait for the victim to contact them on their emails or the web.
File downloads/malicious email links and remote attacks are the leading sources of server-based attacks
There has been an upward trend in the number of server-based attacks in 2020. Although server-based attacks are more sophisticated and highly-targeted thereby requiring much more efforts on the side of the hackers, they are however riskier to organisations and represent more value to hackers. Serverbased attacks can cripple organisations as hackers usually demand multi-million dollar ransoms. But how do these attacks happen in the first place?
According the survey by Sophos, 29 percent of the total respondents surveyed said that they experienced ransomware attacks on their servers after downloading a file or clicking a malicious link contained in an email message. Twenty-one percent of other respondents said that their organisations were remotely attacked by malicious elements.
The other ways through which server-based attacks occur include via malicious email attachment with 16 percent of the respondents saying that their organisation experienced that. Nine percent of respondents said that their companies experienced ransomware attacks via misconfigured public cloud instances, a further 9 percent said their organisations were attacked via a Remote Desktop Protocol (RDP), while another 9 percent said they were exposed to malware attacks through a supplier that works with their organisations.
Removable devices still pose a threat as well, as 7 percent of the respondents noted that they were attacked via a USB or other removable devices.
Thankfully, these kinds of attacks can be prevented if an organisation invests in an internet security solution. Most cybersecurity solutions have products that cater to this need.
Protecting yourself from cyberattacks
It is integral for businesses to protect themselves from ransomware and cyberattacks generally. Oluseyi Lala, a manager, IP planning and enterprise solutions at 9mobile Nigeria told Business A.M. that, “Coupled with the migration to fully digitized operations comes the menace of cyber-attacks, so it means as businesses think of going digital, they must factor all of the required security measures – device protection, anti-spam/ anti-bot, anti-DDoS attacks, privacy, data protection stuff, compliance with NDPR & all related issues,” he said.
According to the paper by Sophos, organisations can protect themselves from cyberattacks in a few steps, including: Upgrading your IT security; Locking down remote access and management; and Segmenting your network