Why Ransomware is Paying Off for Attackers

Ransomware attacks have steadily escalated over the last year and a half. Newer attacks have focused on specific targets, demanded higher ransoms, and grown more advanced, targeted and difficult to spot. In early 2020, a new ransomware attack named Maze stole data from infected machines before locking them, giving the ransomware authors an additional revenue stream. WatchGuard’s Technical Product Manager Ricardo Arroyo recently wrote a guest article for Cyber Defense Magazine explaining this escalation in ransomware, why victims should never pay the ransom (short answer: because there’s no guarantee you’ll get your data back) and how companies and individuals can protect their information.

As ransomware attacks have become more targeted and dangerous throughout 2019 and 2020, protecting your business from them has become even more important. Here is an excerpt from Ricardo’s article, in which he analyzes several security controls that can help prevent ransomware:

“Layered security is still important. Companies should secure their gateways with next-gen antivirus, intrusion prevention, DNS and URL filtering, and deep packet inspection. Credentials should be secured with multifactor authentication and endpoints should have up to date EPP and EDR solutions and be fully patched. To address ransomware directly, EPP or EDR solutions should have capabilities targeted at preventing ransomware, and organizations should also back up their critical files frequent…If you have gateway or endpoint security solutions that support DLP, you might consider activating them to prevent your precious PII from being transmitted to the criminals.”

Read Ricardo’s full article in Cyber Defense Magazine here, or look for it in their June print and online e-magazine editions. You can also learn more about new ransomware attacks like Mailto and MedusaLocker here on Secplicity.