5 Ways Corporate Networks Are Infected with Ransomware

by | Oct 27, 2020 | Business, Cyber Security

5 Ways Corporate Networks Are Infected with Ransomware

According to Verizon’s 2020 Data Breach Report, most ransomware was delivered via email in 2019. Of the reported cases, 45% used office documents as attachments with an occasional .zip or .rar files. Some bad actors embedded links in emails that sent the recipient to a website that contained the malware.

Ransomware is a type of malware that locks or encrypts data files, so they are no longer accessible. To get control of their digital assets, companies must pay a ransom. If the ransom is paid, a key is provided for unlocking or decrypting the data, although not in every instance.

How To Protect Against Ransomware Attacks

Malware can infect a computer system through several vectors, such as:

  • Phishing
  • Compromised websites
  • Unsecured endpoints
  • Weak credentials
  • Software vulnerabilities

The best way to protect against a ransomware attack is to eliminate the most common ways the virus can be delivered.

Software Vulnerabilities

Hackers spend hours looking for software vulnerabilities that enable them to gain unauthorized access to a network. Once they have access, they can install ransomware or steal digital assets. Software vendors spend hours trying to eliminate those vulnerabilities. When vendors fix a vulnerability, they send out software updates. If these updates are not applied, you increase the risk of a successful cyberattack.

Remote Access

Securing a network in an office environment is not the same as securing a network distributed across borders. With more endpoints residing outside the firewall, data must be protected while in transit and at rest.  Hackers are lurking in cyberspace, waiting to discover a remote device with no- or outdated virus protection.  All they need is that one opening to install ransomware onto your network.

No matter the endpoint, make sure the device has some form of virus protection. Consider using a virtual private network (VPN) when sending or receiving data from company servers. For less secure zones, implement micro-segmentation to limit the damage should a device become compromised. Finally, look at creating a zero-trust network that uses multiple layers of security to protect data.

Weak Credentials

Cybercriminals have credential tools that make it easy to guess weak passwords. For example, a four-digit passcode has a limited number of permutations. Hackers simply run a program that tries each permutation until the correct one is found. With strong passwords, the number of permutations increases, making the effort less appealing to bad actors.

At a minimum, consider implementing safeguards that require strong passwords and force a password change every 90 days. Better yet, implement multi-factor authentication (MFA). With MFA, an employee signs on with a username and password. A code is then sent to the employee’s smartphone. The employee enters the code as a second point of verification.

Compromised websites

Hackers have become experts at creating imposter websites that appear identical to the legitimate ones. One accidental visit to the wrong website and ransomware has infected your network.  For example, you’re researching a topic for work online. You’re skimming through the information and clicking on links that seem interesting.  You aren’t looking at the website as much as the article. Without realizing it, you’ve landed on an imposter site.

Although virus protection solutions can flag potentially imposter sites, the best way to protect against the threat is employee education. Your company can block websites and restrict surfing, but people are the weakest link. Keep reminding them of security’s best practices.

Phishing emails

Phishing emails try to trick people into performing an action or providing information that gives cybercriminals unauthorized access to data or a network. These efforts have become quite sophisticated to the point that they mimic the appearance and the language of a legitimate email. Again, the best defense is an educated workforce.

Recent studies indicated that 91% of all cyberattacks begin with spearfishing, which is phishing targeted at specific individuals. These emails are the most common method for infecting a network with ransomware. It is projected that cybercrime will reach $6 trillion annually by 2021, and ransomware will be the primary means of attack.

No company is exempt from cyberattacks.  Ransomware attacks were estimated to occur every 14 seconds in 2019 and are projected to occur every 11 seconds by 2021. Don’t let your organization become a cybercrime statistic.  Contact EVERNET to discuss how to protect your company from attack.