Evolution of Ransomware defense to proactively counter Ransomware attacks

December 9, 2020
Ransomware attacks are becoming a grave threat to the cyber community. Thousands of companies have been victimized by ransomware actors, resulting in significant monetary losses. Worst of all, sensitive company data is being sold on the black market, giving other malicious actors the opportunity to cause further damage to the victimized company.

Current statistics show that ransomware has grown from small-time attacks in 2015, when a reported total of USD 354 million was paid in ransom, to a projected USD 20 billion extorted from victims in 2021. This increase is attributed to the countless reported ransomware incidents, which have been boosted by the current pandemic situation.

In the current trend, health institutions are at the top of the list of organizations that have suffered ransomware attacks. In emergency cases, an inaccessible health insurance provider can cost an individual's life. One cited example is the death of a critically ill patient who was declined services by a hospital that could not access the system of their insurance provider because of a ransomware attack. The patient had to be transferred to a different hospital and died in transit, a predicament she suffered because of these heartless adversaries.


According to research, the current success and growth of ransomware attacks is due to these adversaries evolving their malicious applications through collaboration.


This means that different ransomware actors each contribute a special feature of their in-house program to create a more lethal and stealthier type of ransomware. In addition, ransomware applications are sold on the black market as ransomware-as-a-service. As a result, many adversaries can create more advanced programs that bypass the security software installed by many companies, which can only detect known ransomware.

For this reason, cybersecurity experts are calling for open communication among defenders as well, and they suggest being proactive rather than reactive in battling these adversaries. A few of their suggestions are to:

(1) always keep an offline backup of important documents that can be immediately uploaded onto the system to ensure operational continuity in case an adversary encrypts or locks current data;
(2) use segmented data storage so that an adversary cannot immediately encrypt the whole data store;
(3) proactively search for indicators of compromise within the network;
(4) limit the number of individuals with elevated access, as their profiles are usually the main target of these actors;
(5) block company devices from accessing social media, as malicious actors frequently use it as a gateway to company resources;
(6) install the latest security software and patches from legitimate developers;
(7) if an attack has been successful, immediately contact the authorities and seek their assistance in dealing with the adversary, as they are well trained to handle such situations; and lastly,
(8) ensure that the company's security team always provides awareness and current information to end users, as the infection always starts with them.

Following these suggestions may not entirely protect a company from a possible attack, but it will help greatly in battling these malicious actors and minimizing their damage to the cyber community.

