fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

How does ransomware happen? Here are 7 ways to prevent them

how does ransomware happen.
Ransomware happen when not being careful. Here are 7 ways to prevent them.

How does ransomware happen

The key in avoiding ransomware attacks is to understand how they spread. No one seems to be immune from Ransomware attacks. It is already an escalating threat to organizations. With cybercriminals upping their game to avoid detection, it can be difficult for the average user to understand how they got infected in the first place. 

There are a lot of avenues for ransomware to occur, but these are the four (4) most common ways that ransomware infects its victims:

1. Phishing Emails

This is the most common method hackers utilize to infect their victims’ machines, they spread ransomware through phishing emails. Usually, the hackers trick the users into clicking the email attachment that contains a malicious file and when they do, the game begins. 

The attached file can come into a number of formats, including a Zip file, a PDF, a JavaScript, or a word document. When the attached document is a Word file, the attacker most commonly tricks the user into “Enabling Macros” and thus, enables the hacker to execute a malicious executable file (EXE) from an external web server. The functions necessary to encrypt the data on the victim’s machine are already included in the EXE, and once the data is encrypted, the hacker now gains access to a computer.

A more advanced ransomware attack could not just infect a single PC, but a whole network of it. All it can take is for an employee to open an attachment in the phishing email to infect the entire organization.

2. Remote Desktop Protocol

This is the most popular method hackers use to infect their victims with ransomware. As the name implies, Remote Desktop Protocol (RDP) was created to remotely access a computer by IT administrators to configure it or simply use it. 

With this functionality, hackers can simply search for devices that can be accessed remotely and brute-forcing the password using password-cracking tools such as Cain and Abel, to log in as an administrator.

Once the hackers became administrators, they can now have full control over the computer and can now execute infestation over the computer. 

Also Read: What You Need to Know About Singapore’s Data Sharing Arrangements

3. Drive-By Downloads From a Compromised Website

This is another way hackers utilize to infect unsuspecting users, through what is known as drive-by downloads. When users visit a compromised website, malicious downloads occur without a user’s knowledge. 

Hackers usually execute drive-by downloads by taking advantage of legitimate website software’s known vulnerabilities. They can use these vulnerabilities to their advantage to either redirect the victim to another site that they control or embed the malicious code on a website, which hosts a software known as exploit kits. 

What these exploit kits do is let hackers have the ability to scan the visiting device for weaknesses and if found, without the knowledge of the user, executes a code in the background without the user clicking anything. When executed without fail, the user will now be faced with a ransom note, informing that their device has been infected and demanding payment for returned files. 

4. How does ransomware happen using USB and Removable Media

Lastly, another avenue for hackers to penetrate a network with ransomware is through a USB device. In 2016, Australian police warned its citizens regarding USB drives appearing in their mail boxes. These USB drives masqueraded as a promotional Netflix application. However, when unsuspecting users connect it to their personal computers, ransomware is deployed and infects their computer.  

The Spora Ransomware even has an added functionality of replicating itself onto another USB and removable media drives (in hidden file formats), infecting more machines in which the USB device is plugged into. 

There are ways to prevent ransomware infestation.

7 Ways to prevent and limit the Ransomware’s impact

Ransomware can disrupt the whole operation of a private enterprise or a public institution, no one is specifically targeted. To prevent this, here are seven (7) ways follow:

1. Maintain backups – thoughtfully

It is recommended to back up your data as this is the most effective way to recover it from a ransomware infection. One should consider putting your backup files in an appropriately protected and stored offline or out-of-band, so that it is out of reach to hackers. One could also use cloud services as it retains previous versions of your files, accessible for you to roll it back. 

2. Develop plans and policies

It is always helpful for you to create a response plan for your IT security to use so that they will know what to do when a ransomware event occurs. 

3. Review port settings

A lot of hackers can take advantage of your Remote Desktop Protocol (RDP) port 3389 and Server Message Block (SMB) port 445. Always consider limiting connections to only trusted hosts and consider whether your organization needs to leave these ports open. Always be mindful to review these settings for both on-premises and cloud environments, and work with your cloud service provider to disable unused RDP ports.

4. Harden your endpoints

Always ensure to configure your systems with security in mind. These secure configuration settings can help provide protection from any threat and close gaps concerning security left over from default configurations. 

5. Keep systems up-to-date

Make sure to keep your devices and machines up to date with all the security updates released from time-to-time.

6. Train the team

Train your team on how to respond when ransomware attacks. It is the key to stop ransomware in its tracks. 

7. Implement an Intrusion Detection System (IDS)

Implementing an Intrusion Detection System (IDS) helps organizations to look for malicious activity by comparing network traffic logs to signatures that detect known malicious activity. If there are malicious activities found, IDS will quickly inform you of its presence. 

Also Read: Data Protection Act of Singapore: Validity in the Post-pandemic World

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us