April 29, 2018

Is Your Company Prepared for Ransomware?

Ransomware is now considered to be one of the biggest threats in cyber space – and workplaces of all sizes are at risk.

During the first quarter of 2017, organizations were attacked by ransomware more than any other type of malware, according to Malwarebytes research. Whether it got in by spam email or an exploit kit, the research showed that roughly 60% of 'malware payloads' were ransomware.

There are two types of ransomware. 'Encrypting' ransomware blocks system files and demands payment for the decryption key. 'Locker' ransomware locks victims out of their operating system and demands a ransom to unlock the infected computer.

Unfortunately, even with payment, research has shown there is no guarantee that attackers will release information.

Global ransomware damages were forecast to exceed $5 billion in 2017, according to the Ransomware Damage Report by Cybersecurity Ventures. That’s 15 times more than just two years earlier, and it doesn’t include actual ransom payments.

The average ransom demand has gone up to $1,077 according to the Symantec 2017 Internet Security Threat Report (and that figure is 3 times the average demand in 2015).

The effects of ransomware on SMBs can be devastating. A 2017 report from Osterman Research showed that almost a quarter of small and medium businesses (with less than 1,000 employees) that experienced a ransomware attack in the last year had to stop business operations immediately. On average, small companies lost over $100,000 per ransomware incident due to downtime.

Here are ways a company can protect their devices from ransomware.

Keep all software, operating systems, and devices updated with the latest security patches. Remember, updates are usually created as a result of a new security vulnerability.
Use a trustworthy antivirus software. Look for software that protects your data but doesn’t disrupt user experience.
Back up sensitive data. Back up data daily to an offline location or a cloud service provider. There have been cases where malware has spread from the point of infection to the on-site back-up system.
Provide on-going security awareness training. All employees must know how to identify suspicious emails or links. They should be careful about what websites they visit, URLs they follow, and applications and mobile apps they download.
Use strong passwords. While ransomware typically arrives by email or malicious link, there are reports that cybercriminals are using Remote Desktop Protocol (RDP) to spread it too. A strong password policy will help reduce this risk.
Purchase cyber insurance. Increasingly, cyber insurance can help cover expenses from the actual ransom, forensics work, recovery, and costs of disruption. Ponemon statistics show that just 38% of companies have cyber insurance policies in place.
Work with recognized vendors. Different types of security companies can provide threat management services for the workplace from malware detection and firewalls to systems monitoring, user access controls and physical safeguards.
Don’t stockpile old hard drives and computers. Have them securely destroyed by a professional document destruction company. Only physical destruction ensures the data on an old hard drive is 100% destroyed.