Ransomware attacks are getting more aggressive according to a senior figure at Europe's law enforcement agency, but there are simple steps which organisations can follow to protect themselves – and their employees – from falling victim to attacks.
"Ransomware is one of the main threats," Fernando Ruiz, head of operations at Europol's European Cybercrime Centre (EC3), told ZDNet. Europol supports the 27 EU member states in their fight against terrorism, cybercrime and other serious and organised forms of crime.
"Criminals behind ransomware attacks are adapting their attack vectors, they're more aggressive than in the past – they're not only encrypting the files, they're also exfiltrating data and making it available," he explained. "From a law enforcement perspective, we have been monitoring this evolution."
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
This year has seen a rise in ransomware attacks where cyber criminals aren't just encrypting the networks of victims and demanding six-figure bitcoin payment to return the files, but they're also threatening to publish sensitive corporate information and other stolen data if the victim doesn't pay the ransom.
However, Europol's No More Ransom project is attempting to take the fight to cyber criminals by offering free decryption tools for hundreds of different families of ransomware, something which is estimated to have stopped over four million victims from giving into ransom demands.
The scheme is based on collaboration between Europol and over 150 partner organisations in law enforcement, cybersecurity and academia around the world and the portal is regularly updated with new decryption tools to help victims of ransomware attacks.
"We're constantly reaching out to partners involved in the project and asking them to keep us updated on the possibility of new tools to mitigate the damage by the newest ransomware families," Ruiz explained.
But the best way to protect against the potential damage of a ransomware attack is to make sure organisations, businesses and individuals have the necessary cybersecurity measures in place to avoid falling victim to ransomware in the first place.
"Prevention is the key," said Ruiz. "The main advice is keep backups of your data and keep them offline. Also it's essential that all the operating systems and anti-virus are properly updated; implement any available patch as soon as possible in order to mitigate any vulnerabilities". It's also important that organisations teach employees how to spot a potential cyberattack.
SEE: Global pandemic opening up can of security worms
"There are minimum security measures they can adapt, not only at the company but also at home – don't download software from non-reliable sources, don't open attachments if you think they're suspicious," Ruiz explained.
"A number of these essential security measures can prevent most of the successful ransomware attacks we've seen," he added. The full interview with Ruiz is available on ZDNet's Security Update video series.