Over three years after the infamous Wannacry ransomware, its costly aftermath still remains a vivid glimpse on the damage cybercriminals can do by kidnapping companies’ essential data. This threat is undoubtedly present as just this month, operations of an automobile giant were halted in several parts of the world after a successful attack by another ransomware dubbed as SNAKE (also known as EKANS).

Kaspersky’s latest statistics for SMEs in Southeast Asia show the same story. In the first three months of the year, the global cybersecurity company’s solutions have blocked a total of 269,204 ransomware attempts against businesses in the region with a total of 20-250 employees.

Country Q1 2020 Q1 2019
Detections Global ranking Detections Global ranking
Indonesia 131,944 7 520,146 6
Malaysia 4,953 35 33,868 29
Philippines 7,211 26 9,550 41
Singapore 145 91 2,105 65
Thailand 47,014 16 88,811 25
Vietnam 77,937 14 217,750 8

Number of ransomware attempts against SMEs blocked by Kaspersky solutions and the country’s ranking based on the share of users almost infected with this malware

“Globally, we can say that ransomware has reached its peak years ago. It has gradually decreased in number, however, it is fast becoming business-centric. Based on our latest research, one-in-three ransomware attacks are now targeting business users. So while the total number of ransomware attempts detected in the region is 69% lower compared with the same period last year, the risks of SMEs losing their data and their cash because of this threat is still ever-present. The good news is that there are effective ways to protect SME’s much-needed cash flow from becoming  payment to get their kidnapped data back,” says Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.

As more economies in Southeast Asia re-open after different forms of lockdown, Kaspersky’s experts have several important and useful tips for restarting business safe from the ransomware threat.

An example of a ransomware message

BEFORE A RANSOMWARE ATTACK

Back-up, back-up, back-up

Always have fresh back-up copies of your files so you can replace them in case they are lost (e.g. due to malware or a broken device) and store them not only on the physical object but also in cloud storage for greater reliability. Make sure you can quickly access them in an emergency when needed.

Educate your employees

Build a shared sense of responsibility inside your company. Explain to your employees how following simple rules can help a company avoid ransomware incidents. Create employee and operational control policies that cover aspects of network management and facilities, including password renewal regulations, incident handling, access control rules, protecting sensitive data and more.

SMEs can also avail Kaspersky’s free online course. With a duration of 20-30 minutes, the training shares insights on how companies can better secure their current working environment. The entire course can be accessed through the following link.

Layered security in everything

Literally everything. Security means safeguarding all data touchpoints within your network, may it be via hardware devices or software platforms.

As email is the most common vector being used by cybercriminals to kick-off a ransomware attack, Kaspersky also offers six months free licenses of Kaspersky Security for Microsoft Office 365 for SMEs in the region. This tool is an advanced, all-in-one threat protection for Microsoft Office 365’s communication and collaboration services. It curbs the spread of malicious threats including ransomware, viruses, Trojans, phishing, among others.

Find out more about this promo via this link.

Update, update, update

It is essential to install all security updates as soon as they become available. Always update your operating system and software to eliminate recent vulnerabilities.

Use a ransomware tool

SMEs can also try a free Kaspersky Anti-Ransomware Tool for Business. Its recently updated version contains an exploit prevention feature to prevent ransomware and other threats from exploiting vulnerabilities in software and applications. It is also helpful for customers that use Windows 7: with the end of support of Windows 7, new vulnerabilities in this system won’t be patched by the developer.

DURING and AFTER A RANSOMWARE ATTACK

Unblock your computer; remove the malware

If you find your computer blocked — it won’t load the operating system — use Kaspersky WindowsUnlocker, a free utility that can remove a blocker and get Windows to boot.

Cryptors are a harder nut to crack. First, you need to get rid of the malware by running an antivirus scan. If you don’t have a proper antivirus on your computer, you can download a free trial version here.

Don’t pay, do report

Remember that ransomware is a criminal offence. Do not pay the amount the perpetrators is asking in exchange for your data. If you become a victim, report it to your local law enforcement agency.

Get your files back; look for a decryptor

If you have a backup copy of your files, you can simply restore your files from the backup. That is by far your best shot. If you haven’t made backups, you can try to decrypt files by using special utilities called decryptors. All of the free decryptors created by Kaspersky can be found at Noransom.kaspersky.com.

Other antivirus companies also develop decryptors. One thing: Be very sure you’re downloading these programs from a reputable website; otherwise you run a high risk of getting infected by some other malware.

Involve the experts

If the decryptor is not available online, contact your trusted cybersecurity vendor to check if they have a decryption tool for the ransomware that has attacked you.

LEAVE A REPLY

Please enter your comment!
Please enter your name here