Every 40 seconds, ransomware wreaks havoc for businesses
During the past year, ransomware has become a more serious threat for businesses of all sizes.
Just consider these global ransomware statistics compiled by the Kaspersky Security Network (KSN) for 2016:
- In the first quarter, a business was attacked every 2 minutes.
- In the third quarter, a business was attacked every 40 seconds.
- One in five small businesses that paid a ransom never got their data back.
Unfortunately, the growing cycle feeds itself: As more businesses have paid ransoms to retrieve valuable data, the thieves have become emboldened and even innovative. A total of 62 new ransomware families emerged last year, as tracked by KSN.
2 basic forms of ransomware
The types of ransomware used today fall into two main categories: crypto and locker. The crypto version blocks access to data and files (often via encryption), while the locker prevents access to the infected computer or device. In both cases, victims receive a message demanding a ransom payment in exchange for restoring data and/or system access. You can learn more about these types of ransomware in this white paper from Symantec.
Obviously either type of threat could be catastrophic for businesses, which may stand to lose valuable customer data or even be prevented from doing business because transactional systems are blocked.
New partnership helps in the fight
Joint efforts by law enforcement and IT security companies have created the No More Ransom project, which launched in July 2016 and continues to grow and make decryption tools available on its nomoreransom.org platform. According to Help Net Security, the platform now contains 40 free decryption tools and is available in 14 languages.
The site also recommends that victims not pay the ransom. “By sending your money to cybercriminals you’ll only confirm that ransomware works,” the website declares, “and there’s no guarantee you’ll get the decryption key you need in return.”
What you can do
Federal officials agree that businesses and consumers should not pay a ransom; rather victims should contact the FBI or submit a complaint on www.ic3.gov, a government site for filing and sharing information about cybercrime.
I also recommend several proactive steps that you can take to help protect your business, such as:
- Use email filtering to screen all incoming and outgoing mail for malicious or junk status and quarantine attachments with macro extensions (.docm, .xlsm, .pptm).
- Limit administrative rights on computers (malware often needs admin rights to take over a computer) as well as valuable data files.
- Educate employees about the risks of ransomware and train them to be suspicious of unsolicited emails and avoid clicking on links or attachments in emails.
For more tips, please see my previous posts “Held hostage: Be alert for ransomware” and “As ransomware attacks rise, these 5 tips may help protect you.”