How Can You Prevent Ransomware Attacks? Cybersecurity Experts From Okta, Rapid7, Recorded Future, and Team Cymru Explain

The major recommendations in the Ransomware Task Force Report include increased regulation of the cryptocurrency sector.

By Jasmin Jose | Updated: 8 July 2021 13:58 IST
Highlights
  • There isn’t a single software solution that will solve ransomware attacks
  • Use strong passwords that are unique to each site/service
  • Governments should mandate that organisations report ransom payments

Is there anything that you can do to reduce the threat of a ransomware attack? And what should you do in case you're the victim of one? These were some of the questions answered by a group of cybersecurity experts who spoke about ransomware during a Reddit AMA. The discussion was organised by the California-based Institute of Security and Technology (IST), a non-profit organisation, and included Jen Ellis and Bob Rudis of the cybersecurity firm Rapid7, Marc Rogers of the IT services firm Okta, James Shank of the computer security company Team Cymru, and Allan Liska of the cybersecurity firm Recorded Future.

Over the last year, ransomware attacks around the world surged by 150 percent, according to a study by Singapore-based security firm Group-IB. Ransomware attacks occur when hackers use extortion software to lock your system and then demand a ransom for its release. Such attacks have seen an exponential rise, with the ransomware breach at the Florida IT firm Kaseya during the first week of July being the most recent major one. This single attack affected up to 1,500 businesses worldwide.

Prior to the attack on Kaseya, a Russia-based group's ransomware attack forced the shutdown of Colonial Pipeline, the largest oil pipeline in the eastern United States. The attack crippled fuel delivery for several days in the US Southeast. This incident was followed by another on the world's largest meatpacker, JBS SA. This string of attacks has prompted the US Department of Justice to elevate investigations of ransomware attacks to a similar priority to terrorism.

As the ransomware threats keep mounting, IST, a non-profit organisation, recently hosted an Ask Me Anything (AMA) session on Reddit where users could raise any questions related to ransomware and cybercrime, and what people can do to make themselves or their organisations a little safer.


What can you do to protect yourself or your business?

One of the things that we need to understand first is how ransomware infects a computer. “It really depends on the type of ransomware,” explained Rogers, of Okta. “In most cases it is a malicious application that takes control of your system before spreading laterally into any and all connected systems. Sometimes it can be an actual person that takes over your account and uses it to pivot into other systems to take them over also. Ultimately it ends with the same couple of things - your data gets stolen and an application, a locker, encrypts what's left behind and makes the demand for payment.”


“Most ransomware attackers don't need advanced tooling to accomplish their goals. The Pipeline was ransomed because of plain credential use on a VPN. Not exactly rocket science,” Rudis, of Rapid7, added.

Actually protecting yourself or your company can be challenging because of both high-tech ways to beat security — and the very strong chance that as humans, we all make mistakes, as Rudis pointed out. Liska, of Recorded Future, suggested employing multi-factor authentication, patching, endpoint protection and monitoring, scanning of remote infrastructure, and threat hunting for attackers. Rudis pointed out that there are many safe configurations for workstations and servers that organisations either do not know about or have been reluctant to deploy.


“Just shoring up configurations on Active Directory and SMB (Server Message Block) servers alone can do wonders to help thwart attackers from being able to move laterally and encrypt or lock-out at scale,” he said.

Liska also added that there isn't a single software solution that will solve the problem of ransomware or other types of attacks. “Tackling such threats requires a holistic approach to security. Not just software, but the right policies, people, and protocols in place to quickly identify and stop threats (are needed),” he said. Rudis added to the opinion saying, “There is no path to purchasing your way into ransomware defense.”

What should a regular person do?

But while many of these suggestions seem geared towards large organisations, individuals are also often targeted. In fact, a recent report by Daniel Benes, malware researcher at Avast, showed that gamers are increasingly being targeted by ransomware attackers. What should people do in this situation?

Shank suggested three basic things anyone could do to ensure greater safety for themselves, and also for the companies they're working for:

1. Use strong passwords that are unique to each site/service that you visit.

2. Keep good backups, and consider using more than one backup device where both devices are never plugged in at the same time.

3. Be vigilant! If something strikes you as odd, alert your corporate security team. Did you click a link and think it might be bad? Report it. Most ransomware actors take time to inventory networks after the initial compromise, so there may be time to still protect your network and your device. Time is of the essence here though.

Can we put an end to the ransomware attacks?

The AMA also discussed the likelihood of a state or a rogue group taking down critical infrastructure for a long period, thus severely disrupting life. Ellis, of Rapid7, said that such a scenario doesn't feel far-fetched at all. “We've already seen infrastructure be a target in several countries, and this is only likely to increase without intervention. Even when the attacker offers up the keys as they did with the attack on the Irish healthcare authority (HSE), it can take a long time to get operations fully back up and running. HSE is saying they think full recovery will cost them $600 million (roughly Rs. 4,480 crores),” Ellis said.

The cybersecurity experts are also a part of the Ransomware Task Force Report by IST on combating ransomware. The report gives a comprehensive framework for actions that can be taken to fight ransomware and makes recommendations of steps that can be enforced by governments, institutions, and organisations.

The major recommendations include suggestions to the governments to establish Cyber Response and Recovery Funds to support ransomware response and other cybersecurity activities, mandating that organisations report ransom payments, and increased regulation of the cryptocurrency sector. Coordinated, international diplomatic, and law enforcement efforts are also encouraged to proactively prioritise ransomware through a comprehensive, resourced strategy.

