Every 40 seconds, ransomware wreaks havoc for businesses

David Pollino
Posted by David Pollino

During the past year, ransomware has become a more serious threat for businesses of all sizes.

Screen showing red padlocks superimposed on various parts of the globe, nearly all continents.Just consider these global ransomware statistics compiled by the Kaspersky Security Network (KSN) for 2016:

  • In the first quarter, a business was attacked every 2 minutes.
  • In the third quarter, a business was attacked every 40 seconds.
  • One in five small businesses that paid a ransom never got their data back.

Unfortunately, the growing cycle feeds itself: As more businesses have paid ransoms to retrieve valuable data, the thieves have become emboldened and even innovative. A total of 62 new ransomware families emerged last year, as tracked by KSN.

2 basic forms of ransomware

The types of ransomware used today fall into two main categories: crypto and locker. The crypto version blocks access to data and files (often via encryption), while the locker prevents access to the infected computer or device. In both cases, victims receive a message demanding a ransom payment in exchange for restoring data and/or system access. You can learn more about these types of ransomware in this white paper from Symantec.

Obviously either type of threat could be catastrophic for businesses, which may stand to lose valuable customer data or even be prevented from doing business because transactional systems are blocked.

New partnership helps in the fight

Joint efforts by law enforcement and IT security companies have created the No More Ransom project, which launched in July 2016 and continues to grow and make decryption tools available on its nomoreransom.org platform. According to Help Net Security, the platform now contains 40 free decryption tools and is available in 14 languages.

The site also recommends that victims not pay the ransom. “By sending your money to cybercriminals you’ll only confirm that ransomware works,” the website declares, “and there’s no guarantee you’ll get the decryption key you need in return.”

What you can do

Federal officials agree that businesses and consumers should not pay a ransom; rather victims should contact the FBI or submit a complaint on www.ic3.gov, a government site for filing and sharing information about cybercrime.

I also recommend several proactive steps that you can take to help protect your business, such as:

  • Use email filtering to screen all incoming and outgoing mail for malicious or junk status and quarantine attachments with macro extensions (.docm, .xlsm, .pptm).
  • Limit administrative rights on computers (malware often needs admin rights to take over a computer) as well as valuable data files.
  • Educate employees about the risks of ransomware and train them to be suspicious of unsolicited emails and avoid clicking on links or attachments in emails.

For more tips, please see my previous posts “Held hostage: Be alert for ransomware” and “As ransomware attacks rise, these 5 tips may help protect you.”

Reminder: All comments are moderated prior to publication and must follow our Community Guidelines.

Submit an Idea

[contact-form-7 id="32" title="Share An Idea"]

You are leaving the Bank of the West Change Matters site. Please be aware: The website you are about to enter is not operated by Bank of the West. Bank of the West does not endorse the content of this website and makes no warranty as to the accuracy of content or functionality of this website. The privacy and security policies of the site may differ from those practiced by Bank of the West. To proceed to this website, click OK, or hit Cancel to remain on the Bank of the West Change Matters site.