如需選擇其他地區站點,請瀏覽以下的瑞士寶盛業務據點選項。倘若未提供您所選地區,請前往我們的國際站點。

電子服務

請選取
其他電子服務

您的所處位置是根據您的 IP 位址而得,這與您的國籍或居留地並無絕對關係。

Newsletter

Sign up for Insights newsletter

Newsletter

Sign up for Insights newsletter

Ransomware is today’s biggest cyber threat

Organisations face a variety of cyber threats, from phishing campaigns to malware to distributed denial of service (DDoS) attacks, brute force attacks and more. But ransomware is a particularly popular type of cyber attack right now.

列印
share-mobile

分享

分享

Rapid improvements in computer processing power since the early 2010s have fuelled the emergence of ransomware attacks. Computers are now so powerful that they can encrypt their own files in just a few hours, meaning criminals are carrying out attacks relatively quickly without getting caught.

All organisations – large and small – are proving vulnerable. That includes businesses, educational institutions, hospitals and healthcare providers, government agencies and non-profits.

The most common gateway for successful ransomware attacks is unpatched systems, as well as VPN (virtual private network) and RDP (remote desktop protocol) connections not secured using two-factor authentication (2FA). Warnings from installed anti-virus software are also, unfortunately, repeatedly ignored on critical systems such as Microsoft Windows domain controllers.

Phased attacks
Cyber criminals who carry out successful ransomware attacks do so in several phases. First, an attacker gains access to a network through phishing emails. Next comes analysis of an organisation’s network and assets to determine where the vulnerabilities lie. Then comes the actual attack, when files are infected and encrypted to make them inaccessible. Finally, the attacker demands a ransom – if the organisation does not pay up, it is increasingly common for the attackers to publicly disclose the compromised data.

Despite ongoing efforts by cyber-security experts over many years to sensitise companies to the potential dangers posed by ransomware, they are not taking the recommended measures and “best practices”. So, risk exposure is high: Swiss companies, among others, unfortunately are falling victim to these cyber attacks time and again. It is common for ransoms in the six- or seven-figure range to be paid. This allows cyber criminals to finance the infrastructure necessary for such attacks, pay collaborators such as money launderers, and move on to prepare attacks on other companies.

Four forms of protection
When it comes to guarding against ransomware attacks, there are four broad actions you can take.

  1. Promote user awareness: User education is a key area. Users need to be educated about the threat of ransomware and how it can be spread.
  2. Block dangerous e-mail attachments: E-mail attachments should be blocked on the e-mail gateway, including Microsoft Office documents with macros.
  3. Install software updates (patches): Make sure all of your systems are patched and updated.
  4. Conduct offline back-ups: Regular backups of the company’s data should be created.

我們使用cookies來方便用戶使用本網站。請點擊「確認」或「自訂設定」來自訂cookies設定。偏好設定的有效期為六個月。如用戶沒有選擇任何一項,一律會被視為「不同意」使用cookies。有關我們如何使用cookies和資料私隱的詳情,以及閣下隨時撤回同意的權利,請參閱我們的 資料私隱政策