F12 Blog

How to Protect Against Ransomware Attacks

It’s no secret that ransomware is one of the biggest security concerns for organizations around the world. The scariest part is that hackers are even savvier than they were in the past which makes legacy systems and other deprecated technologies vulnerable to their efforts.

What Is Ransomware?

Ransomware is a subsect of the malware family that blocks its victims’ files through encryption. When the target organization attempts to access its information, business managers and employees are unable to do so.

Instead, they are met with instructions that request a ransom be paid to release the encryption hold. Users are typically shown how to pay the ransom to obtain a decryption key. Typical ransomware amounts range anywhere from a few hundred to a few hundred thousand dollars.

Hackers often request to be paid in Bitcoin since its centralized blockchain technologies shield their identities from being revealed.

The best example of this type of exploitation lies within the recent, high-profile attack that used ransomware technologies known as Ryuk.

What Was the Ryuk Ransomware Attack?

Ryuk made its first appearance by jumping onto the radars of information security professionals in August 2018. It affected three organizations during its first two months of deployment while attackers made off in more than $600,000 in ransom dollars.

What made the Ryuk attack so fascinating is that it contained features that are not common among ransomware categories.

For example, Ryuk was able to automatically detect network resources and encrypting them while simultaneously removing back-ups for shadow copies on the back end of a network. These techniques are next-level, and business owners are wise to be wary.

How Did the Ryuk Infection Spread?

Ryuk was able to spread across three organizations by acting as an intermediary payload using botnets known as Emotet and TrickBot.

For non-tech geeks, the term ‘botnet’ is a portmanteau of the words ‘robot’ and ‘network.’ They are primarily used to take control of information systems and infect devices across an internal network of bots that hackers control remotely.

So, here is what happened in the simplest terms possible: the Emotet botnet infected the user endpoints, which then caused it to spread through the entrance network while launching a spam attack across the board.

Not only did it accomplish the seemingly impossible feat of gaining network access, but it also deployed additional malware scripts to users on the same or different locations. This resulted in both devastating time and money losses.

What types of businesses are being targeted with ransomware in Canada?

The types of businesses in Canada that are being heavily targeted with ransomware attacks include Financial institutions, accounting firms1, hospitals and medical clinics2, and industrial and energy firms1.

Measures Business Owners Can Take to Protect Themselves

Now that you have a solid understanding of what ransomware is, how it works, and what happened during the Ryuk attack, we can now shift focus on what really matters: solutions!

For your business to effectively defend against network attacks, such as the example seen in Ryuk, you need to deploy specific technologies that are conducive to your needs and operations. Take into consideration the following aspects of a robust solution, including:

  • Antivirus scanning
  • Human review and analysis
  • Host intrusion prevention
  • Personal packet firewall filtering
  • Application security
  • Device management

As you can see, there are several considerations that business owners must make when it comes to defending against ransomware attacks.

These efforts are often more than most small and medium-sized businesses can handle. Therefore, you should enlist the help of a trusted IT professional that understands your business’s framework.

1 https://www.carbonblack.com/wp-content/uploads/2019/09/Canada-Threat-Report-FINAL.pdf

2 https://www.cbc.ca/news/technology/ransomware-ryuk-ontario-hospitals-1.5308180

Vancouver Office

200 – 17577 56 Avenue, Surrey, BC V3S 1C4
View Location >

Nelson Office

A – 1016 Seventh Street, Nelson, BC V1L 7C2
View Location >

Courtenay Office

917C Fitzgerald Avenue, Courtenay, BC V9N 2R6
View Location >

Edmonton Office

13555 156 Street NW, Edmonton, AB T5V 1R9
View Location >

Toronto Office

A-220 Markland Street, Markham, ON L6C 1T6
View Location >

Victoria Office

329 – 1095 McKenzie Avenue, Victoria, BC V8P 2L5
View Location >

Vernon Office

101 – 1325 Polson Drive, Vernon, BC V1T 8H2
View Location >

Calgary Office

11 – 3110 14 Avenue NE, Calgary, AB T2A 6J4
View Location >

Red Deer Office

8 – 4699 61 Street, Red Deer, AB T4N 7C9
View Location >