Ransomware has become increasingly rampant. Despite increased awareness in both the IT and end-user communities, ransomware attacks are more frequent, and more dangerous, than ever before. Why?
Covid restrictions are partly to blame. The rush to work from home created many new exploit options for the attackers. The increased frequency of ransomware attacks is not the biggest challenge for IT though. It is the sophistication of the attacks that has changed.
Initially, ransomware attacks came in the form of bad links or attachments that featured immediate detonation. Today, the detonation most often occurs months, even years, after the initial compromise. Organizations have learned how to recover from vanilla ransomware attacks by using snapshots and backups. The attackers in turn want to compromise those things before they deploy the ransomware. They may burry so deep into the IT infrastructure that they use the organization’s own tools to distribute the ransomware itself. How does an organization defend itself from a patient attacker quite willing to spend years worming their way into an IT infrastructure?
Increased focus on prevention is an obvious step to take. But with even governments with all their resources being compromised on a regular basis, the best plan is to assume that you will be, at some point, faced with recovering from a ransomware attack.
So the question must be asked; have you done everything needed to prepare for that eventuality?
We prepared a great checklist to protect your critical data. You can find the link below.