We sometimes see news of kidnappings and victims being held for ransom. However, did you know that this also occurs in the cyberworld? What would you do if all your data was encrypted and you couldn’t even access a single document or photo?
Welcome to the world of ransomware, where data is held hostage.
What is Ransomware?
Ransomware is a form of malware that aims to encrypt data. Once encrypted, the owner cannot access the data without a specific decryption key. To get the key, a ransom is required, typically in the form of cryptocurrency such as Bitcoin.
Due to the ease with which ransomware is spread, cybercriminals can target individuals and businesses. Individuals are asked for smaller ransoms, ranging from hundreds to thousands of dollars. Businesses face ransom demands that can stretch into the millions of dollars.
The problem with ransomware isn’t just the risk of loss or damage. Ransomware is often a source of funding for terrorist organizations. If we aren’t careful, we can end up causing greater damage to the world.
Bernard Tan
CallNet Senior Systems Engineer
Notable Ransomware Attacks and Incidents in Malaysia
Like other countries, Malaysians face ransomware attacks at the individual and business levels. Nobody is spared, even the Malaysian government. Between 2021 to 2022, ransomware attempts in Malaysia increased by 37.5%.
Among the numerous ransomware incidents in Malaysia were:
- Malaysia’s Putrajaya MRT line experienced a ransomware attack in 2023. The attack affected Touch and Go card reloads. Interestingly, the line operator quickly deleted related tweets following the incident.
- Low-cost airline AirAsia was hit by a ransomware attack from Daixin Team in 2022. The attack saw the loss of data on five million passengers and employees.
- Exabytes, a leading web hosting company in Malaysia, was affected by ransomware in 2021. The incident affected over 160,000 customers worldwide. The attackers demanded a ransom of $900,000.
- Axa’s Asian operations were disrupted by the Avaddon ransomware in 2021. Malaysia operations were also affected. Criminals successfully made off with three terabytes of data overall.
How to Protect Yourself From Ransomware
Ransomware is typically spread in many of the same ways as malware. As such, most preventive measures are shared. However, you can work to deal with ransomware in several specific ways.
Here’s what you can do:
- Data Backups: While backups are a common way of dealing with ransomware, comprehensive backups are essential. This is because you don’t know when the ransomware infection occurred.
- Advanced Antivirus Protection: Antivirus has evolved over the years, and many reputable vendors now include ransomware-specific protection. Among these are the identification and prevention of suspicious file changes.
- Disable Macro Scripts: Ransomware can be delivered via macros in Microsoft Office documents. Because of this, you should disable automatic macro scripts in email attachments.
- Network Segmentation: Small businesses can divide their network into subnetworks. Doing so can limit the extent of damage in case of a ransomware attack. It also helps with isolation and incident management.
- Limit Access: Restrict user permissions so that individuals can only access resources necessary for their role. This also helps limit the spread of damage since ransomware can only encrypt what it can reach.
- Application Whitelisting: Be cautious about what applications can run on your systems. Limiting these can also make it easier to keep updated and avoid having vulnerabilities exploited by ransomware.
- Email Filtering and Caution: Use robust email filters to catch phishing emails. This is a prevalent source of ransomware infections. Always be careful when opening attachments or clicking links in emails.
Ransomware Protections for Enterprises & small businesses
Ransomware has evolved from an interesting novelty to a serious threat. Once infected, you run the risk of not just financial loss but also reputational damage.
CallNet Solution collaborates with esteemed partners like WithSecure, Trellix, Sangfor, Sophos, and TrendMicro to deliver state-of-the-art ransomware protection solutions; and Veeam and Dell Apex for speedy ransomware recovery.
These alliances enable us to offer an arsenal of tailored cybersecurity measures, ensuring your business’s resilience against digital threats.
A moment of weakness can lead to a lifetime of regret. Don’t let your painstaking work be lost in a flash. Let us show you how effective ransomware prevention can be.