Over the past few years, ransomware has challenged the cybersecurity readiness of businesses on an unprecedented scale. Once thought to be the “rich man’s” cyber threat, ransomware attacks took on a life of their own when malicious actors began attacking systems and networks indiscriminately, particularly as the COVID-19 crisis wore on.
Ransomware attacks were once confined to larger organizations, because they offered higher rewards for the work that the cybercriminals put in. But since the pandemic, all bets are off – ransomware attacks have skyrocketed worldwide, with an attack hitting an organization every eleven seconds. Of every day.
Barracuda Networks’ The State of Network Security in 2021 report said no fewer than 62% of Singapore businesses had suffered at least one ransomware attack in the preceding year. Emails were a favourite entry point, but both network security and other critical infrastructure were also targeted.
The World Economic Forum surveyed organizations that between them faced an average of 271 attacks. Each successful cyber breach cost an individual company around US$3.6 million in 2021. What’s more, a significant proportion of victims pay the ransom demanded.
Armed with the knowledge that firms in the APAC region are willing to pay to unlock their privileged data, ransom demands to decrypt company systems have soared sky-high.
Victims who pay off the ransom are often retargeted for another payment within just months. It is also not unusual for these cybercriminals to sell off the data in any case, even after being paid in full by the company. After all, why get paid just the once, when a double pay day is within your reach?
So what can organizations in the region do against such an insidious threat?
Barracuda Networks has the solutions to protect your business against ransomware, and it makes it as easy as 1-2-3. Its 3-step ransomware protection checklist starts by recognizing just how vulnerable user credentials are in any organization.
Step 1 – protect your credentials and train users to identify phishing emails and social engineering attacks.
Barracuda Email Protection provides multi-layered protection against sophisticated email threats. It includes AI capability to identify social engineering tactics and block phishing emails before they hit a user’s inbox. Its security awareness training platform teaches teams to recognize and report suspicious emails.
Emails that evade email security need to be dealt with quickly. Barracuda Email Protection also provides automated incident response for post-delivery remediation, dealing with threats in minutes not hours.
Step 2 – secure vulnerable web applications and access routes, including online forms, customer service portals, and access from third-party gateways.
Applications often have open vulnerabilities that can be exploited to gain access to your data, for example, the recent Atlassian Confluence zero-day vulnerability allows unauthenticated, remote attackers to create new administrative accounts, execute privileged commands, and in turn seize control of servers. Barracuda Web Application Firewall is the next-generation firewall that protects websites and applications from advanced cyber-threats such as OWASP Top 10, zero-day and brute force attacks.
Furthermore, it’s important to protect access to applications. Apart from using multifactor authentication (MFA), organisations are recommended to use a zero-trust access solution that enables role-based access, multi-factor authentication and continuous verification of user and device identity. Barracuda CloudGen Access is a zero trust solution that effectively mitigates risk with remote access and provides increased security and performance compared to traditional VPN technology.
Step 3 – back up your data and have a data recovery plan that enables you to quickly deal with the attack, recover your data and avoid even the discussion about whether to pay a ransom.
Whether data is held onsite or in the cloud, nearly all of it can be vulnerable to a ransomware attack. Organizations can get around this cycle of extortion by using a cloud-native, secure, easy-to-use backup solution. Barracuda Cloud-to-Cloud Backup provides backup for all Microsoft Office 365 data with granular restore capability and instant scalability.
Barracuda Networks believes every business deserves access to cloud-first, enterprise-grade security solutions that are easy to buy, deploy, and use every day. Over 200,000 organizations globally (including in Singapore, India, Malaysia, and Hong Kong) already rely on Barracuda for their holistic protection needs. Protecting email, networks, data, and applications, using innovative solutions that grow and adapt as needed, Barracuda Networks offers real and effective solutions to the huge rise in ransomware attacks.
Learn more about how the Barracuda Email Threat Scanner insulates your inbox as the first line of ransomware defense. Start your free consultation to begin building your ransomware protection plan today.