The current state of
Ransomware
There have been some major ransomware attacks throughout the UK in 2003. Some of these include Barts NHS Trust – The BlackCat ransomware group claims they have breached the organisation and stolen seven terabytes of internal documents and Royal Mail – a LockBit attack targeted Royal Mail, considered “critical national infrastructure” in the United Kingdom, causing severe disruption to all international deliveries.
In 2023, ransomware is undergoing a resurgence, witnessing a renaissance. According to reports from cybersecurity firms, there have been over 400 attacks in the month of March alone. Ransomware is financially devasting for most businesses; however, this increase in data leaks is particularly harmful to a business’s reputation and public image. This concept is known as double extortion, whereby if the company can recover from a ransomware attack through backups without paying the ransom, the attackers will exfiltrate the data and either leak it online or sell it to the highest bidder.
As double extortion has become the new normal for ransomware, how businesses protect against ransomware has also changed, with backup and disaster recovery no longer sufficient.
Phishing is ‘still‘ the most common entry point
Phishing has consistently ranked as the number one threat vector for many years, with 83% of all cyberattacks in 2023 being some form of phishing attack. Whilst some phishing ransomware attacks are low-effort spray-and-pray attacks that can be prevented with technologies such as DMARC, SPF and DKIM or cybersecurity awareness training, there are also some highly sophisticated phishing attacks.
These attacks are known as spear phishing, where the cybercriminal researches their target business and individuals and then tailors the phishing attack to them. These phishing emails typically look like they are from a trusted individual or company but contain a malicious link that, if clicked, will download the payload or take the victim to a malicious site where they enter their password, which can be used for a different attack method.
READ INSIGHTS ARTICLE: 5 Common Phishing Attacks and How to Spot Them
Ransomware Entry Points
Credential Stuffing
Microsoft Planner is a visual task management solution that organises teamwork and increases productivity. In Planner, users can create Kanban boards with content-rich cards, including files, checklists, and labels. The Kanban system helps teams view the specific steps involved in a task, how the work flows through the tasks, and where there are opportunities to streamline how the work is completed. Planner can be collaborative, allowing users to see the bigger picture and how each step is working towards task completion. As Planner is included in your Microsoft 365 subscription, it also connects seamlessly with other Microsoft applications for more efficient task management and can be managed within Teams.
Ransomware Entry Points
Exploiting Vulnerable Systems
Microsoft Approvals is a solution designed to streamline all requests and approval processes within Teams. It allows users to create a request for approval for documents or ideas that then notifies the user that has been requested so they can approve or deny the request. This reduces the time and complexity of acquiring written acknowledgement and authorisation from a manager, stakeholder, or customer. For customer-facing approvals, it is also possible to require a signature.
Ransomware Entry Points
Email Security
The modern office has fundamentally changed with the advent of hybrid working. Microsoft have pioneered this change with Office applications being available in browsers on any device with an internet connection. This allows users to easily work on the train, or quickly and easily take notes on OneNote whenever and wherever an idea comes to them.
Ransomware Entry Points
Password Security & MFA
Since Microsoft moved the Office application to the cloud, there has been a strong focus on increased collaboration. In Word, for example, if a user is editing a document, they can send the link to another user, and both users can edit the document simultaneously. This is a game-changer for brainstorming new ideas and proofreading documents before a final sign-off.
Ransomware Entry Points
Backup & Disaster Recovery
Many businesses pay for a subscription to a survey software, such as Survey Monkey, and need to realise that Microsoft Forms has impressive functionality and is included in all Microsoft 365 subscriptions. Forms allow users to quickly create surveys, polls and quizzes that can be shared via a link. The results are stored within the Forms online application and have in-built analytics, or the results can be downloaded for further analysis. Forms can also be connected to Power Automate to send out a thank you email when respondents complete the form.
