Numerous companies and state governments have been plagued by ransomware attacks, which are now more common than ever. Unlike other cyber threats that usually go unnoticed for long periods, a ransomware attack is experienced immediately, and its impact is often destructive.
Unfortunately, the recovery plans from a ransomware attack are quite limited. The two available options: pay the ransom or move to a disaster recovery mode to restore infected systems. However, one cannot be certain if the decryption key provided by the hacker, after paying the ransom, would serve its purpose.
So, most organizations opt to pay the ransom. This is might be due to lack of proper data backups–or the hackers may have also encrypted the back-ups!
Microsoft stated: “We never encourage a ransomware victim to pay any form of ransom demand. Paying a ransom is often expensive, dangerous, and only refuels the attackers’ capacity to continue their operations; bottom line, this equates to a proverbial pat on the back for the attackers. The most important thing to note is that paying cybercriminals to get a ransomware decryption key provides no guarantee that your encrypted data will be restored.”
Microsoft said every organization should treat a security incident as a “matter of when” it occurs and not “whether” it will happen. The tech giant also summarized few steps intended to help companies better plan and prepare to respond to cyber incidents:
- Use an effective email filtering solution
- Regular hardware and software systems patching and effective vulnerability management
- Use up-to-date antivirus and endpoint detection and response (EDR) solution
- Separate administrative and privileged credentials from standard credentials
- Implement an effective application whitelisting program
- Regularly back up critical systems and files
In its recently released 2019 Cybersecurity Trends report, Microsoft highlighted that phishing was one of the attack vectors that was rising over the past two years. “In 2019, we saw phishing attacks reach new levels of creativity and sophistication,” Microsoft said.
Microsoft reviewed three of the intelligent phishing attacks it had seen in 2019, which include: Hijacking Search Results, Customized 404 Not Found Pages, and Man-in-the-Middle Phishing.