Ransomware in 2023: here's what businesses should expect

A representational image of a cybercriminal hacking against a Matrix background.
(Image credit: Future)

Threats from ransomware continue to worsen, despite there never being a better time to arm yourself with any one of many security software protection packages. Large and medium-sized business are most at risk, along with government organizations, with the likes of frequent phishing attacks and malicious email campaigns being the main tools used by cybercriminals. And, the onslaught of ransomware attacks show no sign of letting up in 2023 either.

Spurious emails, with malware featuring in the code, are still one of the preferred methods for many ransomware attacks. This has been exacerbated due to many businesses moving to cloud-based operations. Cybercriminals have been forced to look for other ways to gain access to systems, with vulnerable unpatched or weakly designed software proving fruitful for many malware attempts. So, if you’re in business and fear what 2023 may bring then here’s what you need to look out for…

Protect your business with Perimeter 81

Protect your employees and network from ransomware attacks with Zero Trust. Enforce least privilege access policies across your organization in minutes based on user identity to safeguard all critical assets. Protect your business with Perimeter 81 - one of TechRadar’s top choices for Zero Trust providers. 

Be more vigilant

If you’re running a medium-sized or large business there’s always going to be the threat of security breaches for your IT department to look out for. However, for 2023 it seems likely that business owners will need to implement even an more comprehensive approach to their cybersecurity procedures, due to the increasingly sophisticated attacks coming from the cybercriminal fraternity.

Even up until this point, the cybercriminal’s common routes for carrying out attacks has been to use various forms of phishing alongside a plentiful supply of malicious emails. Calling on these two core techniques, cybercriminals have been able to garner sensitive information about companies and individuals along with vital information that can be used for exploitation.

Unfortunately, these practices are becoming increasingly sophisticated and the situation doesn’t look like it will get any better when 2023 rolls around. Companies are therefore being advised to ramp up their cybersecurity packages to include everything from anti-malware through to email security, as well as regularly taking stock of any potential weaknesses in their networks.

The bigger picture

Adding to the potential problems for the IT departments of many businesses is the way that cybercriminals have been homing in on cloud-based networks, as well as weaknesses in the likes of Linux operating systems favoured by many SMBs. Another growth area ripe for exploitation by cybercriminals is that of cryptocurrencies and DeFi, or decentralized finance platforms. That means the net is being spread ever wider by cybercriminals keen to find new ways of exploiting weaknesses within businesses.

Experts are therefore recommending businesses adopt a more multi-layered system, that will enable them to cover all bases. Business owners need to adopt a more comprehensive approach to beefing up their systems too, with anti-malware software that can work alongside beefed up email security, as well as carrying out regular assessments of any potential vulnerabilities.

In addition, IT departments will need to be ever more diligent when it comes to their patch management strategies. On top of that, it’s more important than ever to have fast, efficient and effective data backup plans in place. If business owners adopt all of these cybersecurity countermeasures they should have the ability to fend off the growing number of attacks that are occurring. However, it’s vital that businesses use all of the options at their disposal rather than just one or two.

What happens next?

If figures from 2022 are anything to go by, it’s vital that businesses boost their cybersecurity measures, especially when it comes to protecting company credentials. Currently, cybercriminals can get a foot in the door by using stolen credentials in order to carry out ransomware attacks. This common technique is widely recognised as being one of the main threats facing medium and large-sized concerns, with government organisations also being in the firing line.

Again, it's the utilisation of phishing attempts that are most commonly used by cybercriminals to carry out their malicious email campaigns, with many messages carrying well-known malware. Alongside that, criminals are also going to be looking at businesses with vulnerabilities in their cloud-based networks, with unpatched software also proving to be an ideal way of getting into vulnerable systems.

Don't cut corners

One of the most important points to consider when preventing malware and ransomware attacks is to ensure you do not skimp on your security software. You’ll certainly want to up the budget for software and avoid the temptation of using free antivirus solutions. These can often only be partly effective in catching threats, with only known threats being spotted rather than emerging issues. Spending a decent mount of budget on a more reputable security software solution will go a log way to helping keep the risks to any business to a minimum.

It’s also false economy to think that spending less on security software will save money. Any business that suffers from a ransomware attack can find it hugely disruptive as well as incredibly destructive too. In fact, many businesses that suffer a cyberattack are often faced with not being able to continue, such is the devastating level of fallout from a malware attack. It’s therefore worth remembering that the costs for securing your business and its systems might seem expensive from the outset, but what you save over time from less disruption could actually save money in the long run.

There are also plenty of options open to businesses of all shapes and sizes when it comes to getting the best ransomware protection. Many security software packages now come with all of the tools needed to fend off attacks from malware, strengthen email security and also monitor any developing or new threats. This is why it’s not worth skimping on security software measures. While it might not mean you can sit back and feel completely risk free, it will at least offer a high level piece of mind that many substandard freemium-type software products simply cannot do.

We've featured the best business VPN.

Rob Clymo

Rob Clymo has been a tech journalist for more years than he can actually remember, having started out in the wacky world of print magazines before discovering the power of the internet. Since he's been all-digital he has run the Innovation channel during a few years at Microsoft as well as turning out regular news, reviews, features and other content for the likes of TechRadar, TechRadar Pro, Tom's Guide, Fit&Well, Gizmodo, Shortlist, Automotive Interiors World, Automotive Testing Technology International, Future of Transportation and Electric & Hybrid Vehicle Technology International. In the rare moments he's not working he's usually out and about on one of numerous e-bikes in his collection.