Ransomware is not a problem that is likely to ever be solved.
This should be no revelation to businesses, who are constantly grappling with more and more sophisticated and malicious attacks.
The Colonial Pipeline and JBS attacks are just two high profile examples of this, demonstrating ransomware's monumental consequences to infrastructure, markets and revenue.
The ransomware threat is so severe even the White House has issued warnings to businesses to increase their cyber security protection.
Ransomware is an arms race, an ongoing threat we all have to be constantly vigilant to. No single security control or solution is going to stop it, meaning businesses need to take a multifaceted security approach.
Here's how.
1. Take Active Action
Businesses need to take active action against ransomware by doing two things. One, by having a literal active element of protection, and two by having some reactive form of recovery.
This may include robust endpoint data protection, antivirus software and even whitelisting software that only allows approved applications to be accessed.
Ransomware is a problem we can't run from, so get prepared. Planning helps keep down the average five days of recovery needed after a ransomware attack. It also helps if you define how much data you can afford to lose and how long you can afford to be down for, parameters that will help forge your response to a potential attack.
It's imperative that companies are actively implementing the right backup and recovery strategies before a ransomware attack.
2. Don't become complacent
Complacency is the enemy of security.
Businesses that operate with the mindset that even their most effective point of endpoint security will and can be breached are and will remain safer than those who dismiss the risks.
This mindset, in combination with an established plan, will better prepare your business for a potential ransomware attack.
3. Have a comprehensive backup and recovery approach
Ransomware gangs when they target a business want to do three things.
1. Steal your data
2. Encrypt your production systems
3. Encrypt any backup you have
If they do all three of these things you are at their mercy. So consider defences for all of these areas.
These defences may include immutable storage which prevents ransomware from encrypting or deleting backups. Or at-rest encryption to prevent bad actors from compromising the network or stealing your data. It may finally even include hardening your working environment by enabling firewalls that restrict ports and processes.
The biggest defence against ransomware, however, is a security-first mindset.
A business with this mindset will have the plan and tools at its disposal in order to effectively respond and recover from ransomware, an unsolvable and ever-growing threat.