We’ve all seen the headlines about oil pipelines, energy companies and enterprises being hit by ransomware attacks. Truly terrible events impacting huge numbers of people. However, the reality is that these events are happening continuously to SMEs worldwide; every day. We only need to look to the news coverage from a couple of weeks ago on the administration of KNP Group (includes the well known “Knights of Old” brand) to see that these events can force the closure of businesses that we perceive to be successful and robust.
Speak to many people and they will tell you that ransomware is a threat to people who fall into one of two categories:
However, as you can imagine, the reality is vastly different.
Many ransomware attacks are purely opportunistic. Criminal organisations have the capability to scan the internet systematically in search of susceptible devices with recognized software vulnerabilities, subsequently automating attacks. To illustrate, envision a scenario where a customer’s network is guarded by a firewall that harbours an unpatched vulnerability and is susceptible to a known exploit; the process of launching an attack under these circumstances becomes relatively straightforward. Subsequently, a multitude of tools are available to facilitate establishing a foothold within the network.
Phishing continues to be the number one attack vector, often the very first link in the chain for a ransomware attack. With MFA now in place for most organisations (if this is not the case for you, then please contact us for assistance), many believe that this will be enough to stop an attack. Unfortunately, this is not the case; whilst MFA significantly helps to reduce attacks; there are exploits that can certainly bypass this.
A robust defence is all about ensuring that there are multiple layers in place to make an attack less likely. An example list is below: