There's no question that ransomware attacks are becoming more sophisticated. Not only are hackers targeting bigger and more prolific companies with their malicious software, but they're using more innovative tools than ever before. Some are even targeting secondary storage devices – like network-attached storage (NAS) and other backup storage devices.
Up until now, the majority of ransomware attacks have targeted a user's primary system – including their primary drives. This was troubling enough, as the average ransomware attack amounted to nearly $230,000 USD in 2018. Moreover, ransomware comprised 15 percent of all cyber insurance claims in North America in the same year – ranking just behind direct hacker attacks.
But according to a recent report, issued in Q3 2019 and produced by Kaspersky Lab, it seems that more ransomware is being engineered to specifically target backup storage devices. According to the report, most attacks begin simply enough – the hacker starts a massive scan of IP address ranges in hopes of finding an accessible NAS.
Examining the Process
Once they've found a target, it's rather easy for a hacker with advanced knowledge to exploit common firmware vulnerabilities and install their ransomware. At that point, the malicious software in question quickly begins to encrypt all of the data – both on the original NAS and on any NAS-connected devices.
After the damage has been done, there's very little an organization can do to recover its data – with the exception of giving in to the hacker's demands and paying the ransom. However, there's never a guarantee that the hackers will hold up their end of the bargain; many organizations have paid the ransom only to wind up losing their critical data in the end.
Modern ransomware is becoming increasingly sophisticated in other ways, too. Ransomware developers have started to integrate new snippets of code that make their software even harder to detect through traditional techniques.
All of this means that organizations have no other choice but to be even more diligent in 2020 and beyond. Since the ransomware problem seems to be growing exponentially on a year-by-year basis, one can only assume that these attacks will become even more advanced and sophisticated in the coming weeks, months, and years.
Safeguarding Against Ransomware
Thankfully, there are still some steps you can take to help safeguard your organization against the threats of ransomware. For starters, make sure your entire staff is educated and informed on the dangers of ransomware. Since these applications are often deployed through exposed or vulnerable user accounts, it's important that everyone – not only your IT staff – is familiar with the threats at hand. While it doesn't make your system bulletproof by any means, it certainly makes it harder for hackers to pull off some of their more common tactics.
You'll also want to beef up your current data backup and disaster recovery strategies. For best results, take advantage of multiple backup methods – including online, offline, and cloud-based storage – to mitigate any damage that is done in the wake of a ransomware attack. Although you can't prevent these attacks entirely, you can make your system harder to penetrate on the hacker's end.
Next-Gen Ransomware is Taking Aim at Backup Storage Devices