Ransomware is evolving and it’s more dangerous than ever

Cyber criminals are attacking an increasing number of businesses in the manufacturing and retail sectors. Using ransomware, they disrupt supply chains without warning, resulting in serious and lasting financial damage.

For the manufacturing and retail sectors, supply chains are intrinsic to business and many use complex production equipment and machinery connected to computers which may in turn be connected with external suppliers. Through the advancement in technology to enhance production, many businesses in these sectors don’t realise exactly how vulnerable they are to these potentially destructive attacks because of the equipment they now use and rely on.

While cyber-attacks are nothing new, ransomware has evolved beyond its original capabilities. Early strains traversed networks and encrypted files before a ransom demand was posted but any reliable, local backup solution could easily recover using yesterday’s data. This meant IT services typically resumed within a few days.

However, with the onset and development of the ‘dark web’, ransomware packages are readily available and simple to use, meaning any novice with malintent, can infect a business network using a far more advanced type of ransomware that is still evolving.

With an estimated average of around 200 days from breach to detection, the ransomware hackers now use has time to infect and encrypt far more data. On its ‘trigger’ date, all encrypted data becomes embedded with the ransomware meaning if any of that data is recovered, it re-infects the network creating attack loops that cannot be repaired.

With such potential disruption, many companies pay the ransom as the loss of data would result in far more than a financial loss; it would be a loss of standing and reputation in their industry.

There is a solution however, and that is to scan all files for vulnerabilities during backup, and recovery, quarantining any infected files in real-time. Scanning for these vulnerabilities, also known as zero-day exploits, ensures malware is detected before it detonates.

Asigra Cloud Backup has developed their Attack Loop Service for onsite data and network files as well as within Microsoft 365 services including OneDrive and SharePoint. As ransomware has evolved, so has its ability to target on-premise data as well as data stored in cloud applications meaning you cannot always rely on your cloud provider for protection.

Having a reliable recovery plan in the event of a cyber-attack is crucial and should be part of any business’s disaster planning process, particularly because many insurers do not pay out if a company does not have a robust backup solution in place.

When it comes to ransomware, prevention is definitely better than the cure; investing in the backup and security of your data could save you from long-lasting financial and reputational damage.