With cybersecurity a regular topic in the news and once again under increasing scrutiny from policymakers, it is a good time to address the best ways to safeguard the business, personal, and customer data of the American business community. Of the many cyber threats facing American businesses, ransomware is one of the most common and most damaging to the security of sensitive data.
Ransomware is a type of malware (short for malicious software or code) designed to hold business-critical systems and data hostage until a ransom of money is received. These attacks are becoming more common, more sophisticated, and more destructive, placing businesses at increasing risk.
Ransomware is the fastest growing malware threat today. The number of ransomware families (e.g., LOCKY, PETYA) has increased a staggering 600% in the last year alone, infecting organizations in high-profile attacks that have played out in the news (e.g., WannaCry, NotPetya). According to the FBI, the estimated cost of ransomware crime in the first three months of 2016 was $209 million, leading Herjavec Group and Cybersecurity Ventures, in their latest report, Hackerpocalypse: A Cybercrime Revelation, to project that the total cost of ransomware for 2016 would be closer to $1 billion. Ransomware also targets individuals: according to ZDNet, in 2015 cybercrime victims paid out $24 million to criminals deploying ransomware.
Ransomware usually arrives via a phishing email or by exploiting vulnerabilities in websites and software. Phishing emails look legitimate at first glance but carry malicious links and/or attachments that infect your computer and systems. They are often the hardest attacks to defend against because they are disguised as a legitimate email from a legitimate source. Criminals also plant malicious code on websites and then exploit software vulnerabilities to attack visitors who are running outdated software.
There are many ways to better protect your business from these vicious and sneaky ransomware attacks. Some good guidance to better protect yourself and your business includes:
- Be aware. Develop a plan that educates your employees on the best ways to avoid these attacks and how to handle one if it occurs. Emphasize that all employees should think before they click. The sender address of an email can be forged, so a message can appear to come from anyone in the company. If you have any doubt, confirm with the apparent sender through a separate channel (a phone call or a new message to an address you already know, not a reply) before clicking a link or opening a file. If the sender is unknown to you, delete the message.
- Stay vigilant. A ransomware attack can happen at any time, which is why data security must be an all-day, every-day priority within your business. For too many businesses, passing a data security test is a box checked once or twice a year; it must be 24/7 and involve every employee, from the CEO to the intern. Staying vigilant means keeping software patched and putting in place a system for scanning for vulnerabilities. Criminals are persistent, so you must be too: test your systems and fix problems and vulnerabilities as soon as they are found.
- Make a plan. Keep regular backups of your data to limit the damage should an attack occur, and keep at least one copy offline or otherwise isolated from your network so that ransomware cannot encrypt the backups along with everything else; test periodically that you can actually restore from them. Your company should know how to respond to an attack and what to do when it happens. Make sure you have a detailed plan in place and communicate it to your employees, and review and update the plan regularly.
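The "think before you click" advice above can be backed by automated checks. The following Python script is an added example for this article, not code from the article or from the PCI SSC Ransomware Resource Guide. It reads a raw email message and flags four of the signs the article describes: a sender domain that merely looks like the company's own, a Reply-To that diverts answers elsewhere, a link whose visible text names a different host than its real target, and an attachment type that commonly carries a ransomware dropper. The company domain (`example.com`) and both sample messages are constructed for the example.

```python
"""Phishing triage checks on a raw e-mail message (added example)."""
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: the organisation's own mail domain (hypothetical).
INTERNAL_DOMAIN = "example.com"

# File types that routinely deliver ransomware droppers as attachments.
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".hta", ".lnk", ".iso",
                    ".docm", ".xlsm", ".zip"}

ANCHOR_RE = re.compile(r'<a\s[^>]*?href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def _domain(addr):
    """Lower-cased domain part of an e-mail address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _host(url):
    """Lower-cased hostname of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def triage(raw):
    """Return a list of human-readable findings; an empty list means no red flags."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    findings = []

    # 1. Lookalike sender: carries the company's name but is not its domain.
    _, from_addr = parseaddr(str(msg.get("From", "")))
    from_dom = _domain(from_addr)
    label = INTERNAL_DOMAIN.split(".")[0]
    if (from_dom and from_dom != INTERNAL_DOMAIN
            and not from_dom.endswith("." + INTERNAL_DOMAIN) and label in from_dom):
        findings.append(f"sender domain '{from_dom}' looks like '{INTERNAL_DOMAIN}' but is not it")

    # 2. Replies diverted: Reply-To domain differs from the From domain.
    _, reply_addr = parseaddr(str(msg.get("Reply-To", "")))
    reply_dom = _domain(reply_addr)
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To goes to '{reply_dom}', not to the sender's '{from_dom}'")

    # 3. Deceptive links: the URL shown to the reader names a different host than href.
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body is not None else ""
    for href, inner in ANCHOR_RE.findall(html):
        shown = re.sub(r"<[^>]+>", "", inner).strip()
        if re.match(r"(https?://|www\.)", shown, re.I):
            shown_host, real_host = _host(shown), _host(href)
            if shown_host and real_host and shown_host != real_host:
                findings.append(f"link shows '{shown_host}' but targets '{real_host}'")

    # 4. Risky attachments, judged by file extension.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
        if ext in RISKY_EXTENSIONS:
            findings.append(f"attachment '{name}' has a risky type ({ext})")

    return findings


# Constructed sample: a payroll-themed lure, not a real message.
SAMPLE_PHISH = b"""From: "Jane Smith" <jane.smith@example-payroll.com>
Reply-To: billing@mail-relay.net
To: bob@example.com
Subject: Updated payroll document
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="B1"

--B1
Content-Type: text/html; charset="utf-8"

<html><body><p>Please review the file at
<a href="http://example.com.evil-files.net/login">https://intranet.example.com/payroll</a>
before 5pm.</p></body></html>
--B1
Content-Type: application/octet-stream; name="payroll.docm"
Content-Disposition: attachment; filename="payroll.docm"
Content-Transfer-Encoding: base64

QUJD
--B1--
"""

# Constructed sample: an ordinary internal message that should raise nothing.
SAMPLE_CLEAN = b"""From: "Bob Jones" <bob@example.com>
To: alice@example.com
Subject: Lunch
Content-Type: text/plain; charset="utf-8"

See you at noon.
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE_PHISH):
        print("FLAG:", finding)
    print("clean message findings:", triage(SAMPLE_CLEAN))
```

Run against the constructed lure, the script reports all four signs; the clean internal message produces no findings. The checks are deliberately simple string and header comparisons, so they complement rather than replace a mail gateway's reputation and sandbox analysis, but they catch exactly the tricks the article warns employees about.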
There are many resources available to companies interested in bolstering their defenses against ransomware attacks. The PCI Security Standards Council has released a Ransomware Resource Guide, an easy-to-understand reference that explains and simplifies the best practices for defending against ransomware attacks.
Download the Ransomware Resource Guide
As we look to the future, it is important to redouble our commitment to guard against those who would do our free enterprise system harm by compromising our ability to conduct business. By taking a smart approach to defending against ransomware, together we can lock down security for businesses and customers alike.