Why Your Business May Be Vulnerable to the Latest Ransomware Attacks

Ransomware attacks

Ransomware attacks are on the rise in 2021

Believe it or not, ransomware has been around since the days of the floppy disk, with the first reported attack taking place in 1989. Over the ensuing decades, more and more malware strains were developed as bad actors congealed into syndicates dedicated to cybercrime.  

Throughout its long history, ransomware has developed somewhat steadily. However, in the last year, it has seen astronomical growth. Precise figures are hard to specify because they rely heavily on self-reporting, but we can gain some insight into the growth in ransomware attacks by comparing multiple sources. 

According to a comprehensive report compiled by Verizon, ransomware attacks doubled in 2021, accounting for 10% of all data breaches. Meanwhile, the FBI’s Internet Crime Complaint Centre (IC3) received 2,084 ransomware reports in the first half of 2021 alone. On a global scale, Sophos has reported that 37% of organisations acknowledged being the victim of a ransomware attack in 2021.

The reason for this growth is simple – ransomware is a multi-trillion dollar industry. The rewards are there. In 2021, syndicates like REvil and Conti made moves to increase their potential for big rewards by focusing more attention on third-party attacks that allow them to target businesses via their supply chain or employees. Since these attack vectors leverage trusted sources, they’re often able to bypass even the most robust cybersecurity measures. 

This is why it’s essential to develop a sound ransomware protection strategy or work with a managed service provider (MSP) capable of putting these protections in place for you. To give you an overview of what the best ransomware protection protocols look like, we’re going to take you through some of the most prominent attack vectors and what you can do to protect your company and your staff from becoming victims. 

The latest ransomware threats

There’s a reason we talk in terms of viruses and strains in the world of cybercrime. These attacks work in much the same way as an infectious disease, and just as physical viruses can mutate and adapt, so too can digital viruses. The difference is that in the digital world, there are humans driving the adaptation. 

In 2021, the following key weaknesses in business security were targeted:

  • Unpatched systems and software: Bugs and holes are inherent to software, which is part of why you receive so many notifications to install updates. Developers are always working on patches for vulnerabilities. However, when users fail to perform updates, these weaknesses remain open to being exploited by bad actors. While criminals have been known to target new vulnerabilities, more often than not, they go for known system weaknesses.
  • Supply chain vulnerabilities: Attacking a weak link in a supply chain can give bad actors access to either a single prime target or the full array of businesses connected to the hacked organisation. 
  • Inadequately trained staff: Phishing emails were one of the major attack vectors for ransomware in 2021, but these are only effective if a member of the target organisation opens the email and clicks the malicious link. Staff may also be targeted via watering hole attacks that focus on websites commonly used by an organisation’s employees outside of working hours. 

For Australian businesses, a local MSP like Invotec can offer protection against all three attack vectors backed up by 24/7 support. This means that if a breach does occur, action will be taken instantaneously, even if it comes in the dead of night. Every minute counts with a ransomware attack, so this level of support is invaluable. 

Though there’s a great deal your MSP can do, it is still essential for organisations to develop supply chain transparency and train staff on cybersecurity best practices. 

The importance of cybersecurity training for employees

The moment an unsuspecting employee clicks a link in a phishing email ransomware can install itself, and the results for your entire organisation can be devastating. To protect yourself and your vital business data, you need to ensure that employees are properly educated on how to detect phishing scams and ransomware attacks. 

Hackers are notorious for discovering new vantage points and methods for delivering malicious code. For example, in 2017, voice message notification emails were the new trend among hackers as the attack vector gave them a way to target companies as well as individuals. Anybody can receive an email with a voicemail notification, so this type of attack poses a significant threat to individuals, businesses, and government organisations.

Malicious voice message notification emails generally come with one of the following two strains of ransomware: 

  • Cerber: Using text-to-speech synthesizers, this ransomware strain pressures victims into paying the designated ransom. The seemingly legitimate email has a voice message that is attached as a .WAV file within a .zip folder. Victims unsuspectingly download the file and folder, allowing the ransomware into their system. Cerber is designed to immediately install and change the names of files to [original file name] .crypted. Unfortunately, the chosen delivery mechanism means that victims will only discover the attack after it has taken effect.
  • Zepto: A Locky copycat, Zepto ransomware is delivered via .WSF files. This type of ransomware has recently expanded beyond its initial malicious .DOCM attachments and zipped .JS files. Now, Zepto uses .WSF files to encrypt the original files on the victim’s PC. The HTML-formatted digital ransom notes are automatically placed in folders, and the original file names are encrypted with a long alphanumeric string that ends with the .ZEPTO file extension. Unfortunately, at the time of writing, there isn’t a decryptor available for Zepto ransomware.

In order to protect your vital data and files from encryption and yourself from ransom demands, it’s essential to educate your employees on cyber security best practices, including how to spot a phishing email. 

Quick cybersecurity tips for ransomware protection

In general, employees should be trained to recognise the format, text body, naming of attachments, email address, and delivery method of all regular notification emails – whether they be voicemail messages from your phone system or upgrade notifications from your MSP. 

In the case of malicious voicemail messages, anti-virus software doesn’t always recognise that the attached .ZIP files are malicious. So, users must pay close attention to file formats. The key thing employees need to know is that system-generated emails will contain .WAV and MP3 files, but they will rarely (if ever) come packaged in .ZIP files or with .PDF, or .DOC(M) files. If a voice message notification contains any of the latter, then it is highly likely to be a phishing email embedded with ransomware.

Ten minutes of employee training on email notifications can save you from ransom demands that can range between 10k (the average for SMEs) and 70 million dollars (the largest recorded ransom to date). It will also save you the cost associated with: 

  • Downtime
  • Repeat attacks (if it worked once, it’s worth another try for bad actors)
  • Late adoption of stronger cybersecurity protections
  • Increased insurance premiums
  • Reputation damage
  • Lost business
  • In some cases, legal costs

As a business owner or manager, it’s also worth ensuring that your antivirus software has both signature-based and behaviour-based malware detection capabilities. Behaviour-based algorithms monitor the behaviour of all files in your system and detect the kind of activity that indicates malware. This means even new malware variants have a higher chance of being picked up as the antivirus software isn’t relying solely on known malicious signatures for detection.

If you’d like to know more about how you can safeguard your business, your data, your employees, and your customers against ransomware attacks, contact us or get a quick quote.

Share this post

Invotec Solutions IconInvotec Solutions

Unit 9/148 Chesterville Road, Cheltenham

5.0 7 reviews

  • Avatar Matt Wilde ★★★★★ 3 months ago
    Working with an education solutions expert such as Invotec has meant that we have had a collaborative partner every step of the way in the development of, not only our ICT network infrastructure, but also in determining how best to engage … More students, deliver content, and drive learning outcomes.
  • Avatar Daniel McNairn ★★★★★ 11 months ago
    Invotec Solutions is a great company. Working in the education field they have been great support when we have had technical issues that have needed high level solutions. I know they have worked throughout the Catholic Education system … More and have always delivered a high level of service and support. Very easy to deal with and friendly support.
  • Avatar Marcia Reynolds ★★★★★ 10 months ago
    Invotec were fantastic! Being a small business owner and IT illiterate, Invotec helped me to get up and operating without an issue.
    I now feel secure knowing that they are there to back me up.
  • Avatar Aaron Hawke ★★★★★ a year ago
    I had the pleasure of working with the Invotec Solutions Team for our Cyber Security requirements. They really know their stuff and my expectations were well exceeded. Thanks Guys, You made it easy!
  • Avatar Korin Roehm ★★★★★ 2 years ago
    Invotec has been a great partner to our company. They're very quick and responsive. If you talk to anyone there you know that they're very knowledgeable in the work that they do.
  • Avatar Jan Chapman ★★★★★ 2 years ago
    Invotec really know their stuff, a great company that want to provide the best service possible. I highly recommend them.

Get a Quote