What Is Ransomware and What Can You Do to Keep Your Systems Secure?
Have you opened your browser only to receive a message that you've been locked out of your system? What about an email that indicates you’ve made changes to financial accounts and directs you to click a link to correct the situation if you haven’t authorized these changes? Clicking these links or opening attachments from these messages can deploy a specific type of malicious software called ransomware, and it can debilitate your business. Discover what forms ransomware can take and what you can do to secure your business data from ransomware attacks.What Is Ransomware?Ransomware is a type of malicious software, or malware, that holds your data for ransom. It can be deployed in several ways: It can either lock you out of your entire computer system, keep you from accessing files and data, or encrypt your files so they're no longer recognizable or accessible. To regain access or retrieve data, the attacker demands payment, usually in the form of bitcoin, within a certain period of time. If you don't pay within that window, the ransom either increases or the attacker threatens to permanently disable the system or destroy the data. If you do pay the ransom, the attacker agrees to deliver a key that will unlock the damage; however, there are no guarantees you’ll actually receive it.
Ransomware Attacks Are on the Rise
According to the FBI, an average of 4,000 daily ransomware attacks have occurred globally since January 2016. This accounts for a 300 percent increase over the 1,000 daily average in 2015. In addition, these statistics drive home the increasing severity of ransomware attacks:
97 percent of phishing emails contain ransomware.
Ransom rates range from $200 to $10,000, increasing up to $40,000 if not paid.
Even after paying, only 42 percent recovered data.
Ransomware attackers prefer to target businesses because this results in larger payouts. A comprehensive IBM study reported that in 2016, 70 percent of businesses attacked by ransomware paid the ransom, and over half of those paid more than $10,000 in ransom. Another 20 percent of those businesses paid over $40,000 in ransom. The same survey revealed that, of the business executives surveyed who had not experienced a ransomware attack, a quarter would be willing to pay $50,000 to recover data.
WannaCry Was the Largest Ransomware Attack to Date
On May 12, 2017, a large-scale ransomware attack targeted computers around the globe running the Windows operating system. Known as WannaCry, the attack infected over 230,000 computers spanning 150 countries. Most of those infected were running Windows 7. It is believed that the ransomware entered computers through an exposed, vulnerable SMB port and spread throughout networks. The attackers received the equivalent of $126,742.48 USD in bitcoin from the attack before a “kill switch” was found.
What Are the Steps to Preventing Ransomware Attacks?
1.Inform and train all users about ransomware and its effects. Recognizing a potential attack before it deploys is key to managing threat protection and safeguarding endpoints.2.Keep computer systems updated with the latest technologies. Check these off for all managed devices:
Patch at the earliest opportunities.
Deploy malware protection for all devices.
Backup all data in more than one place.
Utilize network segmentation to prevent the spread of malware.
