Chinese New Year of the Ox – A Ransomware New Year?

Andy Ng, Vice President and Managing Director, Asia South and Pacific Region, Veritas Technologies

As we usher in the year of the Ox – typically associated with traits of being hardworking and honest – a group of unscrupulous actors are hard at work for the wrong reasons. They are the hackers that are looking to profit from the accelerated pace of Asia’s digital transformation. These groups and individuals are relentless when it comes to extracting the maximum value from critical data and personal information held by organisations, and they typically employ ransomware for their nefarious activities. 

Ransomware has continuously been one of the fastest growing cyber threats, with global damages estimated to reach 20 billion by 2021. It is predicted that attackers will target companies grappling with the post-pandemic recovery as they are more likely to give in to ransom demands under pressure.

While it may be commonplace for businesses to fall prey to ransomware, consumers are also at risk of directed attacks as cyber felons become more adept at using increasingly sophisticated tools to gain access to personal or confidential information.

QR codes are making a comeback

QR codes have found a new lease of life in the pandemic world, powering touch-free solutions such as accessing menus in restaurants, facilitating community-driven contact tracing and filtering visitors at various checkpoints. The QR code market has been rejuvenated as a means to keep consumers engaged in a contactless age, but QR codes have also emerged as one of the fastest-growing threat vectors.

Research has shown that people are vulnerable to the dangers of QR codes – 71% cannot distinguish between a legitimate and a malicious QR code, and while 67% are aware that QR codes can open a URL, they are less aware of the other actions QR codes can initiate. This is where danger lurks.

For instance, through the process of “attagging”, a genuine QR code is replaced by a cloned QR code which then redirects users scanning that code to a similar website where personal data can be intercepted and breached. Hackers exploit this to their full advantage by tricking users into providing their personal data on malicious websites that mirror the official pages.

New threat vectors

The dangers do not stop there. With a distributed workforce, personal devices continue to be easy conduits to corporate resources, including critical and confidential data. Bad actors are preying on remote workers, exploiting vulnerabilities and naivete to gain access to enterprise networks, files and systems.

QR codes that are seemingly harmless can unleash malice in its truest form, as they render personal devices vulnerable to numerous risks. In some cases, a QR code that functions as a virtual business card storing contact information could trigger a rogue attack or exploit by cyber criminals once it is scanned.
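As an added illustration of the two QR risks described above (a cloned code pointing at a look-alike site, and payloads that trigger actions other than opening a URL), the sketch below triages an already-decoded QR payload before a device acts on it. It is an added example, not code from the article or from Veritas; the expected-host list and every sample payload are constructed for illustration.

```python
from urllib.parse import urlsplit

# Common QR payload prefixes and the action a scanner app may offer for them.
ACTION_PREFIXES = [
    ("wifi:", "join-wifi-network"),
    ("begin:vcard", "add-contact"),
    ("mecard:", "add-contact"),
    ("tel:", "dial-number"),
    ("sms:", "compose-sms"),
    ("smsto:", "compose-sms"),
    ("mailto:", "compose-email"),
    ("geo:", "open-map"),
]

# Assumption: the hosts this organisation actually prints on its own QR codes.
EXPECTED_HOSTS = {"menu.example.com"}


def classify(payload, expected_hosts=EXPECTED_HOSTS):
    """Return (action, verdict) for a decoded QR payload string."""
    text = payload.strip()
    lowered = text.lower()
    for prefix, action in ACTION_PREFIXES:
        if lowered.startswith(prefix):
            # Not a web link at all: show the user what would happen first.
            return action, "review: not a web link"
    try:
        parts = urlsplit(text)
    except ValueError:
        return "unknown", "review: unparseable payload"
    if parts.scheme not in ("http", "https"):
        return "unknown", "review: unrecognised payload"
    host = (parts.hostname or "").lower()
    if parts.username is not None:
        # "trusted-name@other-host" displays the trusted name but loads other-host.
        return "open-url", f"block: userinfo hides real host {host}"
    if parts.scheme != "https":
        return "open-url", f"block: unencrypted link to {host}"
    if host in expected_hosts:
        return "open-url", "allow"
    return "open-url", f"block: {host} is not an expected host"


if __name__ == "__main__":
    for sample in ["https://menu.example.com/table/12",               # genuine (constructed)
                   "https://menu.example.com.example.net/table/12",   # look-alike host
                   "BEGIN:VCARD\nVERSION:3.0\nFN:Sample\nEND:VCARD"]:  # business card
        print(classify(sample))
```

The exact-match host check is deliberate: a look-alike such as `menu.example.com.example.net` contains the genuine name but fails the comparison.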

According to Veritas research, businesses are getting wary of such threats. Globally, 37% of organisations cited the increased risk of external attacks – which include data breaches and ransomware – as their top security concern. Internal attacks such as leaks and employee errors are also high on the list. Worryingly, we see similar trends across the APAC region, including Singapore.

Best practices to achieve ransomware resiliency

Ultimately, there is no device or computer system that is impervious to cyberattacks. Your smartphone is a powerful computing device and hackers out there have their eyes set on it. That includes personal information such as your login details to different applications, emails, and your financial information.

With employers allowing more individuals to use their own devices to access crucial company information, it is imperative for employers to warn them of the dangers as the attack vectors multiply with every employee in the company.

Ransomware resiliency is about detection, protection, mitigation and recovery. Here are five best practices to achieve it:

  • Understand your data: This is the first line of defense. By improving visibility and control of data, infrastructure and user activity, organisations can better detect vulnerabilities and threats.
  • Protect your IT systems: Implement the necessary personnel training and invest in malware prevention tools and access management systems. Educating employees on good data hygiene habits should remain a priority to minimise the occurrence of data breaches or malicious attacks.
  • Mitigate the impact of an attack: Analyse the scope of infection and respond immediately with remediation tools to remove the ransomware.
  • Ensure regular and successful backups: Run backups at least daily and secure them with data recovery capabilities. Employ continuous data protection for critical data so that businesses can recover from data loss almost to the exact point where things went wrong.
  • 3-2-1 rule: Have at least 3 copies of data that are stored on at least 2 different media such as the cloud, with at least 1 copy being stored offsite.

Cyber-attacks have become an inevitability and it is virtually impossible to assure that your data will not be corrupted or stolen. The key to unlocking your IT systems or retrieving that stolen data is having a proactive data protection strategy – with the right processes, technology and people in place – to provide peace of mind for employers, employees, and consumers alike.