Follow us on Telegram for the latest Tech news and reviews


Ransomware – a business threat the requires attention


Global news headlines over the last 12-18 months have certainly assisted in endorsing the very real and growing threat of cybercriminal activity – in particular – ransomware. Last year’s events alone – the WannaCry and ExPetr ransomware attacks – are a reminder of just how crafty cybercriminals are becoming, and how their attention is consistently turning towards the business world.

In fact, in 2017, 26.2% of those targeted by ransomware were business users. Furthermore, in Q1 of 2018, our research shows an 8.5% increase in ransomware attacks in the Middle East, Turkey and Africa (META) region, in comparison to Q1 of last year. And what’s even more concerning is that the exploit used in the WannaCry outbreak (EternalBlue), is still impacting users. According to Kaspersky Lab data, during the year, May 2017 – May 2018, more than 2 million users were attacked by the EternalBlue exploit.

With expectations that ransomware based attacks are likely to increase, what can local businesses do to ensure they don’t fall victim to the growing ransomware threat?

TechArena On Telegram

A true cybersecurity approach

Cybersecurity in the digital age should no longer be viewed as a siloed approach that only requires some protective software implemented on a business server, in an aim to prevent a cybersecurity incident. Executing a cybersecurity strategy that is truly effective requires the business to invest in cyber threat intelligence services, supported by proven technology solutions.

This gives the business the foresight they need to not just prevent cyber security incidents from happening, but to predict, detect and respond to threats in real-time and flexibly – ensuring a full scope of protection, constantly.

Know your landscape and adapt as needed

Cybercriminals seldom rest. Rather, their work and tactics only evolve as technology advances. Ransomware attacks can be defined by various different modifications, each posing a potential risk to an unprepared business. Organisations – even those following a true cybersecurity approach – therefore need to ensure that they stay abreast of the latest cyber incidents impacting business and with this, run the necessary patches offered on an existing exploit and review where any potential vulnerabilities may exist within their infrastructure timely, to plug any gaps as necessary.

Regularly back up data

Although most businesses have data backup structures in place, how many run regular checks to ensure backups are taking place frequently and effectively? Ensuring business critical and sensitive data is backed up accurately and of course securely should form a key component of a business’s true cybersecurity strategy. Having the data backed up, can allow a business to respond to any form of ransomware attack timely and initiate the required steps to avoid further damage.

Never pay the ransom

While it can be very tempting to pay the ransom to get that business critical (and often sensitive) data back, it is not encouraged to ‘give in’ to cybercriminals. Paying the ransom only supports their efforts to advance in cybercrime. Over and above this, there is never a guarantee that all the data and files being held ransom, will be restored safely.

With the rate at which we are seeing ransomware attacks advance and take place, it can be daunting for a business to get this approach to cybersecurity right internally. Partnering with an external service provider who specialises in this field, and who can provide the threat intelligence needed for effective protection can really benefit a business wanting to avoid falling victim to ransomware.

By Riaan Badenhorst, General Manager, Kaspersky Lab Africa

About author

Tech Arena is an independent technology news website that mainly covers social media news, mobile and gadget news and reviews, apps and software among others. The site focuses on tech news from all over the world that directly impact Kenya.
    Related posts

    The risks of using public Wi-Fi in Kenya and how to safely use it


    Cybersecurity in Africa: Why Many Are Still Unaware of the Risk


    The Imperative for Digital Development and Public-Private Partnerships in Least Developed Countries


    Understanding Cloud Security: Types, Best Practices, and Benefits

    Sign up for our Newsletter and
    stay informed