February 07, 2017
Is your business taking steps to aid ransomware prevention?
Ransomware is a form of malware that usually enters a victim’s computer or mobile device as an attachment in an email or during a visit to a compromised website. Once inside, a cybercriminal can remotely encrypt information. With files locked down the criminal sends a ransom demand, which must be paid before a decryption key – and access to files again – is provided.
Nearly one in two business executives in a recent IBM-X Force study had experienced a ransomware attack in the workplace. The study showed that 40% of all spam emails sent in 2016 contained ransomware.
What are the some of the biggest dangers of ransomware?
Operations: With our reliance on digital information today, a ransomware attack can put everything on hold and at risk. For example, when the Hollywood Presbyterian Medical Center in L.A. was victimized last year, high-risk patients had to be diverted to other hospitals and paper records used until the ransom was paid.
Time: The longer an organization waits to respond to ransomware, the more business functions and reputation can suffer.
Money: Of the 54% of UK businesses targeted by ransomware in recent Malwarebytes research, more than one-third lost revenue and many closed completely. The IBM study showed that victims paid between $10,000 and $50,000 in ransom. There can be non-compliance fines too.
Mobile: The McAfee Labs 2017 Threats Predictions report said ransomware is one of reasons why mobile malware attacks are increasing. The report pointed out that attacks are combining ransomware or locking a mobile device with stealing credentials – to allow attackers access to bank accounts and credit cards.
Small Businesses: Only 29% of small businesses have experience with ransomware attacks compared to 57% of medium-size businesses. Plus, only 30% of small businesses surveyed provide security training to their employees.
Here are best practices recommended for ransomware prevention:
Learn how a protected workplace utilizes a comprehensive document management policy – and process.