Kaspersky, the global cybersecurity and digital privacy company, detected and blocked a total of 34,607 ransomware incidents through its cybersecurity solutions for businesses in Bangladesh from January to December 2023.

Experts from the global cybersecurity company insist on organizations, regardless of shape and size, to beef up their IT security posture as ransomware, especially the targeted type, continues to be a damaging menace for organizations in the region.

“The era of widespread mass attacks by encryptors on both individuals and businesses is gradually fading away. Instead, we are witnessing a shift towards organized groups that execute hacks involving data theft and encryption, commonly referred to as double extortion. The rationale behind this evolution lies in the perpetrators' ability to operate with greater efficiency, thereby enabling them to demand significantly higher ransom sums,” says Fedor Sinitsyn, Lead Malware Analyst at Kaspersky.

Last year, ransomware became a constant subject of news headlines in Bangladesh. High-profile incidents include an airline where cybercriminals demanded a five million USD ransom and a local bank where the notorious group ALPHV also known as BlackCat, exfiltrated 170GB of data.

“It’s evident that the threat actors behind ransomware attacks target all sectors in Bangladesh. The total number of attempts may be lower, but organizations need to realize the real impact of each successful ransomware infection, both on the financial and reputation fronts. It’s imperative for businesses here to look into cybersecurity technologies that provide absolute anti-ransomware effectiveness in third-party exams. Because not all cybersecurity solutions are created equal,” comments Yeo Siang Tiong, General Manager for Southeast Asia, Bangladesh and Sri Lanka at Kaspersky.

Kaspersky Endpoint Security for Business, Kaspersky Small Office Security and Kaspersky Standard demonstrated complete protection against ransomware in 10 different real-life attack scenarios during regular Advanced Threat Protection assessments held by AV-TEST.

To combat ransomware and assist those affected, Kaspersky, alongside Europol, the Dutch National Police, and others has the No More Ransom initiative, launched in 2016. On the official website, participants provide decryption tools, guidelines, and instructions to report cybercrimes, irrespective of the location of the incident.

By the end of 2023, Kaspersky marked the seventh anniversary as a key contributor to the No More Ransom initiative. This period witnessed expanded access to Kaspersky’s free decryption tools, in line with its commitment to combating ransomware. These tools, targeting 39 ransomware families, have been integral in assisting nearly 2 million victims globally, as reported by Europol, underscoring the profound impact of the No More Ransom initiative supported by Kaspersky.

Individuals and businesses looking to protect themselves from ransomware attacks should consider following some rules as proposed by Kaspersky experts, such as avoiding exposure of remote desktop/management services (such as RDP, MSSQL, etc.) to public networks unless absolutely necessary and relying on strong passwords, two-factor authentication and firewall rules.

Additionally, prompt installation of available patches for commercial VPN solutions is essential; as these serve as gateways for remote employees. Regularly updating software on all devices is also paramount to prevent ransomware from exploiting vulnerabilities as per the experts.

Apart from that, defense strategies should focus on detecting lateral movements and data exfiltration to the Internet. In addition, monitoring outgoing traffic is crucial for identifying and disrupting cybercriminal connections, enhancing overall cybersecurity posture.

Data backup is also a fundamental safeguard against ransomware attacks. Additionally, prioritizing offline backup strategies ensures data integrity and quick recovery in the event of an emergency.

Furthermore, avoiding pirated software and software from unknown sources reduces the risk of inadvertently installing malicious programs, which also mitigates the potential for ransomware infiltration through compromised applications.

Experts also advise of regularly assessing and auditing the supply chain and managed services' access to the environment and preparing an action plan for reputational risk in the event of data theft is essential.

Utilizing advanced cybersecurity solutions such as Kaspersky Endpoint Detection and Response Expert and Kaspersky Managed Detection and Response service which help to identify and stop the attack on early stages, before attackers reach their final goals can also provide protection against evolving ransomware threats.

Moreover, to protect the corporate environment, it is essential to educate employees. Dedicated training courses can help, such as the ones provided in the Kaspersky Automated Security Awareness Platform.

Experts also advise of using the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors. The Kaspersky Threat Intelligence Portal is a single point of access for Kaspersky’s TI, providing cyberattack data and insights gathered by our team for over 26 years.

Total views: 276