3 ransomware attack vectors you need to be aware of
Both 2020 and 2021 saw an exponential rise in ransomware attacks, particularly stemming from when the pandemic first begun. Although it’s a new year, ransomware is here to stay and cyber criminals are still using their efforts to target businesses. We look at the 3 most prevalent attack vectors, and how you can prevent attacks.
You’ve probably heard this one many times, it’s one of the most dominant attack vectors afterall. It’s fairly easy for cyber criminals to execute, in fact cyber masterminds are promoting and selling ready-made email phishing kits, along with hosting and even support!
Phishing emails can reach the target’s inbox disguised in many forms, and it’s fairly common for attackers to make the email look like its come from their company itself. It could be a PDF document, a zip file or a Microsoft Office file. And from there, it takes just one click for attackers to install ransomware onto their device and then demand a ransom in exchange for your data.
How to prevent it:
We do keep beating the drum on this one, but it is an important part of your overall security set up… security awareness training! We know that 90% of breaches come down to human error, and a recent study found that more than a fifth of employees will fall for a phishing trap. That’s an alarming figure, and the only way to prevent this is to educate your employees with the right information they need to make proactive and informed decisions before clicking on links and attachments. Once they are equipped with the correct knowledge, employees should be tested regularly to see how much information has actually been taken in.
RDP & Credential abuse
Remote desktops allow users to connect to other computers via a network connection. However, its fairly common for a business to leave their RDP ports exposed online which can be found by large crime groups by scanning the web for any exposed ports. These ports are then used to carry out brute force attacks and gain access to the network.
Once successful, cyber criminals can then either sell the access details on the dark web, or sell to ransomware groups.
How to prevent it:
Applying multi-factor authentication is the key to keeping all your employee credentials safe and avoiding any unwanted individuals accessing your network. Simply relying on password protection isn’t enough to combat today’s threats, all of your users require an extra layer of protection in order to safeguard confidential information.
Any system in your infrastructure that isn’t patched or protected is likely to be an actor vector… think of websites and VPN servers. Cyber criminals only need to find one vulnerability to exploit your systems and gain access to your network.
How to prevent it:
To keep vulnerabilities from being exploited, you need to be able to identify them from the get go. This can be done by implementing a comprehensive Vulnerability Management program. A good program will scrutinise your IT infrastructure for vulnerabilities, and gauge the criticality in order to determine the right measures for remediation. Remember, when it comes to cyber attacks, prevention is always the key!
Using EDR to further protect against ransomware
We’ve given you tips on how to protect these 3 particular attack vectors, but another way your business can prevent ransomware attacks is by introducing an EDR solution to your current cyber security posture. An effective EDR solution has sophisticated layers of protection, and continuously work to monitor your network and endpoints in order to detect malicious activity, remote threats and repair any damage.
For more information on ransomware and how to protect your business, contact our cyber security team today.