Latest News

Mitigating ransomware threats in the next phase of hybrid working.

Paul Wooldridge, Future Workplace Practice Lead at SoftwareONE UK, considers how businesses can tackle the growing threat from ransomware

Lining the pockets of cybercriminals and hiding in plain sight, ransomware attackers are now amongst some of the highest earners of the dark economy.  The overall market is expected to generate over $265bn USD in revenue within the next decade – and ransomware will continue to pose a threat to organisations across the globe.    

Cybercriminals are now masters of their trade, understanding and creating the perfect business model; from recruiting top talent, and creating robust ransomware frameworks, to reconnaissance, lateral movement, data exfiltration, encryption, the payment systems and decryption. 

 The sudden increase in ransomware attacks is ruining businesses and no one is safe – and it’s having a huge impact on the economy and the ability for employees to gain access to company networks when working remotely.  

To maintain a robust security posture, organisations need a way to mitigate ransomware attacks facing their hybrid workforces. So, what steps can business leaders take to reduce the risk of breach and reduce the impact of a ransomware attack?  

The rise of ransomware attacks amongst hybrid workers 

Cybercriminals are becoming more sophisticated in their use of tactics such as phishing emails that trick employees into allowing a hacker access to a company’s information security network. Most ransomware attacks start with simple spam and phishing emails, and many more occur because of poor cyber security training and weak passwords. 

Ransomware attacks are becoming more common, and hybrid working arrangements are making businesses more vulnerable than ever before. It’s no wonder that 88 % of global information technology decision-makers believe that employees have increased an organisation’s risk of a security breach by using personal devices for work.  

Although they may use some security tools, like anti-virus, to protect their device, cybercriminals often write malware intended to evade detection. When employees connect to the corporate network – whether remotely or on location – those devices can bring the ransomware with them. 

We can no longer deny ransomware is on the rise–in terms of attack frequency and the size of the ransom pay-out. The Hybrid Workplace can become a cybersecurity nightmare when managed poorly and while organisations are constantly stepping up their approach to cybersecurity, it is important to remember that threat actors are too. 

Educate and elevate. Mitigating ransomware threats for the hybrid workforce 

We’ve heard it all before, fail to prepare, then prepare to fail – and the same can be said for educating your hybrid workforce on cybersecurity. But it is not just about educating them, they need to understand why security is so important.  

Awareness and Education plays a crucial role in mitigating security breaches, particularly when it comes to ransomware attacks. A Verizon report revealed that human error plays in 85% of ransomware attacks, with that more than 90% of cyberattacks infiltrate an organisation via email. 

Despite organisations trying their best to control email gateways, forwarding the majority of phishing emails to spam, employees still run a high risk of clicking on a link and compromising their own details as well as corporate data.  

To mitigate this, business leaders need to focus on adoption and change management for their employees, so that they can understand the risks and recognise the warning signs. Sending out fake phishing emails to staff can prove effective, as they allow IT leaders to educate staff during the day when their guard is most likely to be down. Then when staff click on the phishing link, they will be directed to a page that explains what they have done wrong and what signs they may have missed. 

We live in a digital age where our personal and professional lives are intertwined on the internet. Businesses need to understand that cybersecurity training is no longer optional, but necessary for survival in the new digital working landscape.  

Big brother needs to be protecting: The importance of endpoint security 

As businesses continue to adapt to the new remote working era, so does the need for heightened endpoints protection. This is not to be taken lightly, the cost of not securing a network can be far greater in terms of data loss, regulatory fines, and reputational damage. Effective endpoint security is now a must for modern organisations to remain secure in an increasingly digital landscape.  

However, managing and securing endpoints is challenging, especially when employees are working anywhere and everywhere whilst using their own devices to access corporate data. With the shift towards mobility, security must now occur at all points within a network. At a minimum, organisations should put in place anti-virus protections that regularly scan devices using Artificial Intelligence (AI) and Machine Learning (ML) to help predict new malware variants. Taking proactive endpoint security actions can help mitigate risk by reducing the likelihood that a ransomware attack will be successful. 

Centralised security networks are proving ineffective in today’s dispersed working landscape. The reality is that more and more employees are now operating outside the corporate security structure and today’s cybercriminals are operating at extremely sophisticated heights. Traditional solutions like on-premises firewalls and anti-virus just aren’t enough anymore when it comes to protecting precious company data. 

In 2022 data is the lifeblood of a business – and protecting it is vital for business continuity. 

These cyber attackers aren’t going away. Once we learn to control and minimise ransomware attacks, they will grow to target different verticals and evade more of IT’s defences. Organisations must be prepared for what’s ahead and understand the difference between being proactive and reactive. Those IT leaders that adopt a proactive IT security approach can prevent more threats, identify potential security issues faster, incur fewer breaches, and minimise damage from attacks more effectively.