In recent weeks, there has been a significant increase in news about ransomware-type cyberattacks, consolidating it as one of the main cybersecurity threats and a problem for companies that are not properly prepared to face it. The coronavirus pandemic in the last two years has accelerated the adoption of activities such as e-commerce, online education and teleworking, which has benefited users, but has also opened new opportunities for cybercriminals. This increase, combined with the typical increase in the summer season, has led to a notable growth in ransomware attacks in recent months. According to Cisco Talos, in the second quarter of 2021 alone, ransomware accounted for 46% of all cyberattacks.
Entry points of a ransomware attack
One of the most common accesses for a ransomware attack is email. Workers often connect to corporate email from different access points, which can be insecure, making them easy targets for attackers. In addition, the type of device used also plays a role. Business devices usually have robust security systems, while personal devices, even if they have antivirus, do not offer the same protection, especially mobile terminals. According to experts, 4 out of 10 mobile devices are vulnerable to cyberattacks.
Backup as a Service Model
The Backup as a Service model allows you to contract cloud-based backup and recovery services in a reliable and economical way. As CheckPoint explains in its 'Mobile Security Report 2021' report, 97% of companies suffered mobile threats in the last year, and 46% had cases of malicious downloads that compromised their systems. The lack of training of workers also favors attacks. According to PwC, the average level of cybersecurity culture in Spain barely reaches the approved level, with 2.8 out of 5, and 86% of Spanish companies have yet to implement a cybersecurity culture in their workforce.
Affected sectors
The sectors affected by ransomware attacks are varied. Reports from Cisco Talos reveal that the targets include telecommunications companies, educational and government institutions, transportation and, due to the current situation, the healthcare sector, which has been one of the most attacked in recent years.
Â
A few months ago, the SEPE (State Public Employment Service) in Spain was forced to suspend all its activity due to a ransomware attack, highlighting the seriousness of the problem due to the amount of information handled. Other recent cases include attacks on The Phone House, the University of Castilla la Mancha, the INE and the Ministry of Labor and Social Economy.
How to act in the event of a ransomware attack
In the face of a ransomware attack, Uniway's cybersecurity expert advises staying calm, acting with a cool mind and bringing together those responsible for the affected areas to quickly manage the incident. It is crucial to investigate how, where and why the attack occurred, identify and isolate the affected computers, clone them to send them to the forensic team, report the incident to the authorities, disinfect the computers, change passwords and restore backups. Documenting the entire process is essential to learn from the incident and avoid future occurrences.
Â
The threat of ransomware is real and growing. Companies must be prepared with adequate backup policies, continuous cybersecurity training for their employees, and the adoption of advanced solutions such as Backup as a Service. Only then will they be able to effectively confront and recover from a ransomware attack.
