New data from the cybersecurity company Darktrace shows that over the last three years, the monthly average of Ransomware attacks has increased by almost a third throughout the holiday period.
Ransomware is a type of Malware that prevents users from accessing their systems by crawling and encrypting files. To retrieve the information, the organisation must pay a ransom.
Darktrace believes that attacks will spike higher than ever before this holiday season, as 2021 has already been a record year for Ransomware and malware infections.
Justin Fier, Director of Cyber Intelligence and Analytics at Darktrace, said: “Based on what we’ve seen in previous years, holidays are consistent target periods for cyber-attackers. Interestingly, the largest rise in attempted Ransomware attacks is between Christmas and New Year’s, when attackers know there will be fewer eyeballs on screens defending against threats.”
In addition to reduced staff numbers, this increase in attacks can also be attributed to the sheer necessity of data during this period, as retailers, manufacturers, financial institutions and organisations in general strive to keep up with the increased demand for products and services that the holiday period brings.
Sainsbury’s hit by Kronos attack
A recent example of this is Kronos, a company based in Massachusetts that supplies a variety of cloud payroll services. The organisation was infected with Ransomware, which impacted the business itself along with an undisclosed number of customers, including the retail giant Sainsbury’s.
With staff members working overtime throughout Christmas to meet demand, the supermarket chain has lost over a week’s worth of data on its 150,000 UK employees through the attack. Kronos simply told customers that some services would be offline for several weeks and that they should “evaluate and implement alternative business continuity protocols”.
Stories like this are becoming more frequent and it is now best practice for organisations to have a complete Ransomware protection strategy in place.
Four ways to build your Ransomware defences
The best way to protect your organisation is to layer its defences from within. Some simple, yet overlooked mechanisms include:
- Cyber Security training: Ransomware attacks rely heavily on a user opening a phishing email, so employees must receive regular cyber-security training that includes phishing simulation tests.
- Back up data: Backups must be regularly maintained so that data loss is minimal. The 3-2-1 approach is the industry standard for backup, and keeping an air-gapped offsite backup of this data is essential.
- Keep software updated: Ransomware attackers can discover entry points within popular software and exploit these vulnerabilities. One notorious example of this was witnessed in 2017 with WannaCry, which brought the NHS to a standstill for several days.
- Evaluate suppliers’ business continuity protocols: Businesses should always evaluate their suppliers’ business continuity protocols to establish whether they are a good fit for the organisation. For instance, Microsoft 365 is a commonly used business application, yet many don’t realise that Microsoft doesn’t take responsibility for the data.
Microsoft may host the information, but it is the organisation’s responsibility to protect it. Should an outage occur, there is no guarantee that information would be recovered, so an independent Microsoft 365 backup solution should be considered.
Nimbox Ransomware protection
Your data is the lifeblood of your business. The Nimbox vault snapshot feature means that in the event of an incident, organisations can quickly recover data from team shares and personal folders, restoring it as it existed at a specific point in time – before the Ransomware infection took hold.
Our customers can simply say ‘No’ to Ransomware. Find out more about Ransomware protection with Nimbox.