How to Stop Ransomware on Virtual and Cloud Desktops

Ransomware is incredibly effective. In fact, it's so effective that it has garnered a staggering number of victims- a number that continues to increase every year. According to a study done by IDC, 87 percent of companies victimized by ransomware in the past 12 months paid the ransom. Protecting your business from ransomware isn't a difficult task with the right tools in place. Virtual Desktop Infrastructure (VDI) provides a wide variety of benefits, one of those being an additional layer of protection against ransomware. In this article, we'll explain how virtual and cloud desktop users can stop ransomware. 

Learn More About Virtual Desktops


What is ransomware?

Ransomware is a form of malicious software (malware). It's designed to encrypt files on a device, making any files or systems that rely on them unusable. In exchange for the decrypted files, malicious actors will demand a ransom. According to an analysis by Check Point, the ransom demand is usually between 0.7% and 5% of the victim's annual revenue. The average percentage is 2.82%. 

Ransomware attacks can happen because of a number of different reasons. The top causes of ransomware are phishing emails, poor user practices, lack of cybersecurity training, and weak passwords or password management. 


How does ransomware spread?

Ransomware is able to spread throughout an organization via various methods. One method, called Remote Desktop Protocol (RDP) allows an attacker to gain access to another computer over a network connection.

They then exploit security vulnerabilities and use brute force to get passed the system's login credentials. Other methods include malicious URLs, email attachments, USB drives, and malvertising. 


What organizations are most at risk of getting attacked?

According to a study by Per Statista, most of the data breaches reported come from businesses. Medical/healthcare as well as banking, credit, and financial organizations make up the top 3 targetted organizations. Government/military was also named among the top 5 most heavily targeted industries. 

Larger corporations usually have protective measures in place to embolden their cybersecurity. It's the small to mid-sized businesses that don't prioritize cybersecurity spending that ends up getting hit the hardest and as a result, put out of business. 71% of ransomware attacks target small businesses. Therefore, it's more critical that SMBs look at their cyber-risk and plan accordingly. 


How do you stop ransomware with vdi?

Intrinsically, the effects of ransomware can be significantly less impactful to an organization that has virtual and cloud desktops than an organization without. Rather than using a legacy PC computing environment with local computing resources more susceptible to external elements, VDI and cloud environments allow users to access shared recourses from a centralized, virtual system. When armored with the right protections, virtual and cloud desktops can remain ransomware and malware-free. 

How Secure is VDI on its Own?

On its own, VDI has a few qualities that make it easily more secure than personal computers. For example, VDI remains protected by the network defenses that operate with the enterprise. This protection would be unavailable to the average remote worker using a physical PC in-home or out at a wifi-enabled location attempting to connect to a potentially dangerous network.

Other security benefits of virtual desktop services include centralized configuration management, security settings, and applications that allow software patches to be deployed to all virtual desktops simultaneously. Most importantly, with virtual desktops, the data never leaves the data center, making it easier to manage and guard against ransomware. 

Can VDI be Hacked? 

As all-encompassing of a solution as virtual desktop services are, they're not a one-and-done solution. VDI can be hacked. However, the measures taken to protect your virtual desktops determine how high the chances are for your organization. Any reputable IT company will highly advise enterprises to take steps to protect their virtual desktops. 

Because VDI is managed centrally, it is much easier to secure than a traditional IT environment. All it takes is maintaining the environment with the right processes. Should a mistake or misconfiguration occur, however, it will be easier to spread the risk throughout the organization. This is why it's important to utilize a managed service provider you can trust when using a virtual desktop solution. 

How Do I Protect My VDI Solution? 

A trusted Managed Service Provider is able to provide the perfect recipe of applications depending on your individual business and industry. There is a cocktail of solutions however that are tried and true in ensuring ransomware doesn't infect your virtual desktop infrastructure. 

  1. Restricting or disabling services:
    This limits the areas for potential concern in the environment by limiting service strictly to what the business needs. 

  2. Securing devices with endpoint protection:
    Leveraging endpoint detection and response tools enables an organization to detect and respond to breaches quickly. 

  3. Requiring Multi-Factor Authentication (MFA):
    MFA minimized the chances of hackers compromising credentials to gain unauthorized access to VDI platforms. 

  4. Deploying extra security tools in the data center:
    Intrusion protection systems/intrusion detection systems, application whitelisting, antivirus software, and firewalls are all fundamental security protocols that must be implemented on each virtual machine in a secure VDI environment. 

Don't let ransomware infect your virtual desktops 

Using the cloud, you can isolate, control, and contain the most common vulnerability: the end-user. If you allow users to access email and the Web using an application or browser installed on a cloud desktop, any ransomware or other malicious content is contained on that desktop. Ensure your corporate data is protected from the desktop and delete it once you log out or encounter a problem, ensuring the ransomware never has a chance to access your data.

You don't have to worry if your company will be victimized by ransomware, but when. In order to save money and your sanity, it is important to contain the attack in an area that does not have access to your core corporate information. Using virtual desktops and cloud computing can make a big difference!

If you'd like to secure your VDI solution or embark on setting one up, contact our IT consultants about our virtual and cloud desktop services today!


Originally published on June 23, 2022

Be a thought leader and share:

Subscribe to Our Blog

About the Author

Cybersecurity and Compliance Cybersecurity and Compliance

Organizations entrust Centre with protecting their technology ecosystem and strengthening their security posture. Centre’s cybersecurity and compliance solutions delivers layered IT security to protect businesses’ employees, customers, and content from known and unknown threats. Through employee awareness training, detailed security assessments, and 24x7 threat containment, Centre is a trusted partner for businesses seeking comprehensive network and data protection. Learn more about Cybersecurity and Compliance »

Follow on LinkedIn »