Ransomware Rundown: What Businesses Need to Know

Ransomware Rundown: What Businesses Need to Know

  • By Brett Hansen
  • Mar 09, 2017

Today as the cybersecurity landscape continues to evolve at breakneck speed, so do the threats, and the amount of data we have sitting with the different organizations we deal with is growing each day. At this point, we all need to be aware of cybersecurity and the steps we need to take to safeguard ourselves and our most important information because there is no silver bullet for cybersecurity: the best line of defense is to educate ourselves.

Enter: ransomware. Five years ago when we talked about cyber-attacks, it’s likely we were talking about banking trojans that would steal your passwords and credit card numbers than anything else. Today, if your mobile or desktop computer becomes infected, what gets installed is most likely ransomware. Ransomware locks up endpoints – computers or mobile devices – and encrypts files to hold them hostage until an individual or organization pays a fee to the cybercriminals responsible for the attack. According to the Department of Justice, 4,000 ransomware attacks happen daily, which adds up to nearly 455 billion attacks a year, millions of dollars on the line and numerous amounts of your data that could potentially be jeopardized.

With that amount of money on the line, it’s very clear that ransomware is a problem for everyone, not just large organizations. Small businesses faced eight times more ransomware attacks in the third quarter of 2016 than the third quarter of 2017 and overall, 29% of all people have faced online threats. 70 percent of all attacks target companies with fewer than 5,000 people. Furthermore, 60 percent of SMBs that are targeted go out of business within six months of the attack. Why is this important to know? Because data is a lifeline for these businesses – and a lot of that data is actually yours. Protecting it should become a priority. As an IT industry, it is our job to help all businesses and consumers alike realize that legacy security solutions in use for the last decade just aren’t working any longer.

Ransomware is now so pervasive, it has become everyone’s problem: it attacks businesses indiscriminately, and it isn’t created to attack any specific industry above others. However, a key reason for the increased success rate of ransomware attacks in select industries such as finance and healthcare, can more readily be tied to the number of users who require regular access to confidential information, and the cyber-literacy of these employees. The onus is now on both businesses and employees to make security a priority.

In sectors where a high number of employees require access to this data regularly, such as health care providers requiring patient information, there are more opportunities for a ransomware attack, and opportunities often mean a higher success rate. Another reason these attacks are successful is because they target users who are traditionally more vulnerable to cyberattacks – be it smaller businesses without dedicated IT resources, individual employees who aren’t adequately protected or educated against malware execution, or organizations where data is of paramount importance.

That said, all data isn’t created equal. The most common types of data to be affected by a ransomware attack are employee, patient or customer information, as well as financial data. Attackers are also targeting data around infrastructure systems. For example, hackers compromised and encrypted data from around 900 systems from San Francisco’s Municipal Transportation Agency in November 2016. The incident did not affect the transit service, but the agency had to open the gates and provide free transport to passengers to minimize customer impact for 1 day. A month later, the Los Angeles Valley College paid $28,000 to have their data restored after a ransomware attack disrupted email, voice mail and computer systems at the public community college.

The future of ransomware attacks is directly tied to the future of where data will travel as employees become more and more mobile, and the areas of our lives where it will have more control. The advent of the Internet of Things and constant connectivity means that data will be pivotal to more areas of our corporate and personal lives. As data becomes more vital, the ransoms placed will be proportionate to the value of that data. Not only does this mean more opportunities for data to be held hostage, but it potentially raises the dollar value we are willing to pay for recovery. Estimates from the FBI put ransomware on pace to be a $1 billion source of income for cyber criminals this year.

To better prevent against ransomware attacks, it is imperative that businesses take a multi-layered approach that address all facets of cybersecurity:

  • Ensure solutions are in place to protect both the devices that access data and the critical data itself.  Prioritize protecting the most valuable assets to your company and build your security strategy from there.
  • Educate employees about their role in privacy and security, as well as the importance of respecting and protecting key data.
  • Encourage employees to think before they act. Employees should be wary of communications that implore them to act immediately, offer something that sounds too good to be true or ask for personal information.
  • Employees should fortify login accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Usernames and passwords are not enough to protect key accounts like email, banking and social media.
  • Make sure the security solutions you have in place are not outdated and are consistently updated.
  • Regularly back up critical data in a secure manner so that data isn’t lost if a breach occurs.

With Data Privacy Day just behind us, it’s a great time to learn about the different ways in which individuals and organizations can stay safe.  Prevention is the best cure and oftentimes education is the first line of defense to keep your company and customer data secure. For more information and resources regarding what you can do to protect yourself and your business from ransomware and other threats, please see the National Cyber Security Alliance’s business resources and Dell’s Security Solutions.

Featured

  • It's Show Time

    I am one of those people that likes to see things get bigger and better. As advertised, ISC West is going to be bigger (more exhibitors) and better (more attendees). It’s show time in Las Vegas. Read Now

    • Industry Events
    • ISC West

  • SIA Releases New Report on Operational Security Technology

    The Security Industry Association (SIA) has released an impactful new resource – Operational Security Technology: Principles, Challenges and Achieving Mission-Critical Outcomes Leveraging OST. Read Now

  • Cyber Overconfidence Is Leaving Your Organization Vulnerable

    The increased sophistication of cyber threats pumped by the relentless use of AI and machine learning brings forth record-breaking statistics. Cyberattacks grew 44% YoY in 2024, with a weekly average of 1,673 cyberattacks per organization. While organizations up their security game to help thwart these attacks, a critical question remains: Can employees identify a threat when they come across one? A Confidence Gap survey reveals that 86% of employees feel confident in their ability to identify phishing attempts. But things are not as rosy as they appear; the more significant part of the report finds this confidence misplaced. Read Now

  • Mission 500 Debuts Refreshed Identity Ahead of Security 5K/2K at ISC West

    Mission 500, the security industry’s nonprofit charity dedicated to supporting children in need across the US, Canada, and Puerto Rico, has unveiled a refreshed brand identity ahead of ISC West. The charity’s new look includes a modernized logo with refined messaging to reinforce Mission 500’s nearly decade-long commitment to serving the needs of children and families in crisis. Read Now

    • Industry Events
Most   Popular

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance.