Ransomware has become the threat-du-jour for organizations of all sizes as IT teams, CISOs, and CIOs struggle to keep up with the rapidly changing threat landscape and barrage of attacks from cybercriminals and hackers.

While IT teams face the daily challenge of securing networks and servers, end-users face regular cyber threats such as phishing, vishing, whaling, and other internet villainy.  Just when we thought we had escaped the latest in that long list of threats, along comes ransomware to test out corporate IT security defences and preparedness like never before.

“It is hardly surprising that ransomware has become so ubiquitous and successful — it’s a booming business for cybercriminals,” says Paul Butcher, who, along with co-founder Jim Stechyson, runs Canada’s fastest growing cloud service provider, HostedBizz.  “Ransomware has an impressive ability to evolve, sneaking past existing defences like secure email gateways and desktop anti-virus with ease and tricking users into running its viral payload.”

Like most malware, ransomware finds its way into an organization through malicious code often referred to as a Trojan.  Once launched, the ransomware attacks the organization, locks down data access, and demands a ransom payment to regain access. “Cybercriminals work tirelessly to improve their product,” says Stechyson. “Using sophisticated methods to both avoid detection and ensure execution of the ransomware, these ransomware authors are proving themselves to be formidable adversaries.”

Ransomware attacks are indiscriminate, with all industries potentially vulnerable to this type of cyberattack.  The frustration of those affected by these problems is palpable, and most are now looking at a broader cross section of strategies and tactics to protect themselves and, more importantly, to recover post-attack, rather than rely on pure-play security solutions alone.

HostedBizz believes that a multi-layered approach is required to protect any organization. “While most small to mid-sized organizations employ basic security such as firewalls, antispam, and antivirus software, they lack essential systems and processes that assess vulnerabilities, educate end users, and ensure data recovery - simply put the basics are insufficient to protect".

Part of the layered approach includes an ability to identify the presence of malware/ransomware and to notify IT so that the instance can be isolated and eradicated — “the end user plays a big part in reducing vulnerability”.