Ransomware attacks continue to grow in frequency. As well as being more common, ransomware is also getting more potent. As per Veeam’s 2023 Ransomware Trends Report, 21% of companies paid the ransom but could not recover their data. The threat landscape is as volatile as it has ever been. There are more attacks taking place. They are more diverse. And they can have grave consequences for the companies they affect.

On the other hand, rather than tremble with fear at the awesome power of the cyber-attacks waiting to be deployed against them, organizations must focus on what they can control – their defence. Protecting your business against cyber-attacks requires following some fundamental and consistent principles – no matter what is thrown at you.

The ransomware wild west

There is a lawless and brutal feeling about businesses’ current cyber landscape. It is difficult for governments to hold cyber criminals to account, and companies are often keen to minimize public attention towards an incident that has compromised them. This contributes to a situation where almost all the focus is on the victim (the business) rather than the criminal (the attacker).

Furthermore, ransomware – and most contemporary cybercrime – is almost indiscriminatory for those who suffer. The fact is that every business is a target. Yes, hacktivist organisations such as Anonymous use organised cyber-attacks to exercise social justice and call out businesses or governments they view as immoral, unlawful, or dangerous. But even the most philanthropic and virtuous companies can find themselves begging a cybercriminal gang to restore their data and systems while a hefty ransom is demanded.

You often see a comparison made between cyber-attacks and fishing. Hence, the term ‘phishing’ refers to using an email or text as bait to trick a victim into ‘biting’ – in this case, clicking on the link and unwittingly downloading malware onto their device. With ransomware especially, we are now seeing industrial-scale attacks being carried out, which are more analogous to trawler fishing. This isn’t one guy with a rod casting out to get a bite off one or two fish. It’s AI-infused algorithms programmed to target everyone and everything – playing a blind numbers game to catch whatever it can.

This indiscriminate nature is compounded by cyber-attacks being generally difficult to contain. For example, cyber warfare between nation-states threatens every organisation – not just those deemed to be in the firing line. We saw this with the NotPetya attack in 2017 – an attack on a specific utility company – which impacted multiple unrelated organisations through an entirely organic chaos spread. Attack types also continue to evolve. For example, the LokiLocker attack was one of the first reported ransomware strains to include a disk wiper functionality. This means organisations are not only held to ransom by having services suspended and threats of data extortion. Now, they are being threatened with losing vast swathes of data entirely if they do not pay up.

Consistent principles of defence

There is some good news for businesses. No matter how scalable, spreadable, or malicious an attack is, these various evolutions can be viewed as attackers simply using bigger guns and more of them. The fundamental principles of preparing your defences against even the most sophisticated and powerful ransomware stay relatively the same.

First, practice impeccable digital hygiene. All employees must be trained to identify suspicious content and be warned of the impact that malpractice using work devices can have. For all the might at the hands of cybercriminals, in many ways, their biggest weapons are unsuspecting employees who give them the keys to the back door of an enterprise network. Given the scattergun approach now adopted by many cyber-attacks, criminals are not necessarily targeting your organisation specifically. But you’ll become a victim if you prove to be an easy hit.

With that said, all businesses must prepare for their defences to fail – no matter how robust you might think they are. Concepts such as zero trust and deploying techniques such as two-factor authentication can be useful for restricting an attacker’s access to data by taking over one individual’s workstation. Ultimately, the best way to protect data is to ensure that it has been securely backed up and fully recoverable before an incident occurs. Follow the 3-2-1-1-0 backup rule, which states there should always be at least three copies of data on at least two different types of media, at least one off-site and one immutable or offline, with zero unverified backups or errors.

While the headlines and constant discussion around cybersecurity and ransomware can be daunting, it’s important to remember that the fundamental actions required to protect data remain the same. Data Protection and Ransomware Recovery strategies ensure businesses can protect all data from cyber-attacks, server outages, accidental loss, and deletion across physical, virtual, cloud, SaaS, and Kubernetes environments. Investing in a data protection strategy and taking advantage of a solution that enables continuous backup and Disaster Recovery (DR) can give businesses peace of mind that should the worst happen, they never need to pay the ransom.