When it comes to building a business’s cybersecurity defences, the assumption should always be when, not if, there will be an attack. It’s an unfortunate reality that most businesses will face, particularly as the ransomware industry continues to grow.
Ransomware is one of the fastest growing cyber threats businesses face, with reports increasing 62% in 2021 and attacks costing organisations an average of $1.85 million. However, not only are ransomware attacks becoming more common, but they’re also becoming much faster and harder to detect and defend against. A recent study from IBM X-Force revealed that from 2019 to 2021, the average duration of a ransomware attack dropped from more than two months to just over three days. It’s concerning to say the least, especially given that this means the time businesses have to detect and respond to the attack is reduced by 94%.
To further add to this point, additional research by IBM in their Cost of Data Breach 2021 Report revealed that on average, it took businesses 212 days to identify a breach, and 75 days to contain it, making the total process 287 days.
The increase in the speed of ransomware is largely due to a boom in the ransomware-as-a-service (RaaS) economy. In recent years, we’ve seen cybercriminals continue to develop more effective, repeatable techniques, aiding the RaaS industry in its growth. Now, even low-level cybercriminals can pay a fee to access off the shelf ransomware kits that enable them to execute highly sophisticated and successful attacks at a speed that even the most advanced security teams would struggle to keep up with.
The use of RaaS reduces the window for businesses to respond and mitigate an attack. Of particular concern is the emergence of LockBit, which is one of the most prolific ransomware strains currently on the market. In May 2022, LockBit was used in 40% of ransomware attacks that cybersecurity firm NCC Group saw, most likely due to its success rate and speed. When tested, LockBit moved at lightning pace, encrypting 100,000 files in a median time of only 5 minutes and 50 seconds, and at its quickest, encrypted 25,000 files in a minute.
Although this paints a bleak picture for any company looking to defend against attacks, it demonstrates the need for businesses to prioritise reducing network vulnerabilities to help prevent them. Unfortunately, there’s no one size fits all solution, but there are measures businesses can take to help reduce their risk. The Australian Cyber Security Centre offers the following advice:
- Update your device and turn on automatic updates
- Turn on multi-factor authentication
- Set up and perform regular backups (including to an offline external storage device)
- Implement access control
- Turn on ransomware protection
- Prepare your cyber emergency plan
However, given that the most common delivery method of ransomware is via phishing emails, a business’s best protection is through implementing email security solutions which act fast to detect and deflect threats on their behalf.
MailGuard's solution
To MailGuard, speed matters.
While many vendors may claim to stop every threat, their outdated processes and cumbersome infrastructure can mean that a malicious email can sit in an employee’s inbox for hours or days until it’s detected, at which point the damage may already be done.
MailGuard’s threat response is up to 48 hours faster, ensuring that emails are all thoroughly checked before landing in your inbox. Scanning trillions of emails across several decades, MailGuard has amassed thousands of archives of rules which inform its judgements about what a good and bad email looks like. This ancient wisdom is housed in a squad of rules-based threat protection engines, meticulously maintained and rigorously updated by its’ loyal ninja army.
To find out more about how our threat ninjas operate, check out our latest eBook.
Talk to us
Talk to a MailGuard solution consultant today about securing your company's inboxes. You can get in touch with us by calling +61 3 9694 4444, or by emailing us at info@mailguard.com.au.
Existing MailGuard partners and clients can reach out to us here:
Australia - please call us on 1300 30 65 10
US - call 1888 848 2822
UK - call 0 800 404 8993
