The digital world has been plagued by hackers, scammers, and advanced forms of malware ever since the internet became truly mainstream. Although these threats have been on the radar of service providers and industry professionals for decades, the isolated nature of these attacks has somewhat desensitized the general public about the severity of such attacks. Most users tend to have a “That’ll never happen to me” attitude when using online services, assuming devices have enough security features to combat any threats. However, the pandemic has caused a monumental rise in online activity, causing criminals to step up their game against well known security tactics with ransomware programs.
The surge in ransomware that has risen since 2019 has forced the Federal Bureau of Investigation to release a detailed warning to citizens and business leaders for upcoming holidays, offering useful ideas to ensure safe online practices and tips to avoid falling into common traps. According to the FBI report, holiday weekends have a statistically higher chance of fostering ransomware, due to most offices closing for extended periods of time. Some ransomware attacks need time to develop before becoming fully activated, which have a great chance of going unnoticed over the course of a long weekend.
Successful ransomware attacks can have devastating financial consequences if left unnoticed. According to the FBI’s warning, the american public collectivity lost an estimated $4.1 billion in 2020 alone, a 69% increase from the previous year. Attackers have also become increasingly greedy with their requests, as ransom demands rose 225% between 2019 and 2020.
As part of the FBI’s warning, the agency has released a number of useful tips to discover potential threats within networks before they land:
- Understand the IT environment’s routine activity and architecture by establishing a baseline.
- Review data logs.
- Employ intrusion prevention systems and automated security alerting systems.
- Deploy honeytokens and alert on their usage to detect lateral movement.
Business and individuals alike should also consider safe practices to mitigate risks, including:
- Make an offline backup of your data.
- Do not click on suspicious links.
- If you use RDP—or other potentially risky services—secure and monitor.
- Update your OS and software; scan for vulnerabilities.
- Use strong passwords.
- Secure your network(s): implement segmentation, filter traffic, and scan ports.
- Secure your user accounts.
- Have an incident response plan.
Readers can click here for the FBI’s full report, as well as additional details for maintaining proper network security.
Edited by Maurice Nagle