BusinessDay

Explainer: How organisations can block ransomware cyberattacks

The latest report on the state of ransomware by Sophos, a United Kingdom cybersecurity company, revealed that there is an ever more challenging attack environment for organisations as well as the growing financial and operational burden ransomware places on its victims.

A survey by Sophos shows that 71 percent of Nigerian organisations were hit with ransomware in 2021, up from 22 percent in 2020. It said 44 percent of the organisations that had data encrypted paid ransom to get their data back, even though they had other means of data recovery, such as backups.

Globally, 66 percent of organisations were hit by ransomware last year, up from 37 percent in 2020. This is a 78 percent increase over one year, which indicates that adversaries have become more capable at executing the most significant attacks at scale.

This reflects the growing success of the Ransomware-as-a-Service model, which extends the reach of ransomware by reducing the skill level required to deploy an attack, according to the report.

Read also: Ransomware attacks hit 71% of Nigerian organisations with most paying ransom

Here are five steps to block cyberattacks

Install and maintain high-quality defences across all points in the organisation’s environment. Organisations have been asked to review security controls regularly and make sure they continue to meet the organisation’s needs.

Secondly, there should be a proactive hunt for threats to identify and stop adversaries before they can execute their attack. However, if the team lacks the time or skills to do this in-house, it should outsource to a Managed Detection and Response specialist.

The IT environment must be hard by searching for and closing key security gaps, which include unpatched devices, unprotected machines, and open remote desktop protocol ports, among others. According to Sophos, Extended Detection and Response solutions are ideal for this purpose.
Organisations should prepare for the worst. Know what to do if a cyber incident occurs and keep the plan updated.

Finally, make backups, and practice restoring from them so that the organisation can get back up and running as soon as possible, with minimum disruption.

Get real time updates directly on you device, subscribe now.