Five tips to protect against ransomware targeting SMEs
DHARMA, a family of ransomware that was first spotted in 2016 and targets mainly small and medium-sized enterprises (SMEs), remains active in 2020, even during the coronavirus pandemic, according to cybersecurity solutions provider Sophos.
Its use has spread, as the source code has been made available in various forms, said Sean Gallagher, senior threat researcher at Sophos, likening Dharma to a fast-food franchise that's "widely and easily available to just about anyone".
According to Mr Gallagher, Dharma targets mainly SMEs because of their vulnerability. "Because they don't have dedicated security teams and business continuity practices in place, they more frequently fall victim to these sorts of attacks," he said.
And with businesses' IT teams "stretched thin" to support remote working during the pandemic, the risks from such attacks are "magnified". Mr Gallagher said: "The need to equip and enable an unexpectedly remote workforce has left small companies with vulnerable infrastructure and devices, and hindered the ability of IT support staff to adequately monitor and manage systems the way they normally would."
Dharma's attack process relies heavily on the abuse of open source tools, as well as freeware versions of commercial tools. Sophos has five tips for businesses to protect against the ransomware:
1. Shut down Internet-facing remote desktop protocol (RDP) to deny cybercriminals access to networks. If you need access to RDP, put it behind a VPN connection.
2. Check that you have a full inventory of all devices connected to your network and always install the latest security updates, as soon as they are released, on all the devices and servers on your network.
3. Keep regular backups of your most important and current data on an offline storage device.
4. Be aware of the five signs that indicate an attacker may be present: the presence of a network scanner, tools for disabling antivirus software, Mimikatz, patterns of suspicious behaviour and test attacks.
5. Remember that there is no silver bullet for security and that a layered, defence-in-depth security model is essential.
Copyright SPH Media. All rights reserved.