Cybercriminals routinely attempt to hold businesses hostage with malware that encrypts data and can freeze an organization’s network. Here’s how you can make it harder for them to succeed.
RANSOMWARE IS A TYPE OF MALWARE that encrypts data on computers, mobile devices and networks and locks users out. It allows cybercriminals to demand payment for the release of data or return of service. It can be delivered in various ways, including fraudulent emails and websites, unpatched remote network portals and pop-up warnings with phony links to technical support.
Cybercrime that leverages ransomware is becoming more sophisticated and ransomware demands are increasing. The average ransom demand in Q2 of 2021 was $136,576, with median ransom payments hovering around $47,000.1 But it’s not just money at stake. Criminals also may threaten to release proprietary data or intellectual property they have seized to damage the fortunes or reputation of a business.
Ransomware is often a crime of opportunity. It works because the perpetrators understand that a targeted business or individual has been compromised at a time when they can ill-afford to interrupt service or operations. Targeting hospitals during a pandemic, businesses that can be ruined by a few hours of downtime or cities responding to a crisis are just a few examples of this opportunism.
There is no infallible defense against ransomware. Criminals continue to refine software and access methods and may even sell particularly effective strains to less-adept hackers. But individuals and businesses can protect themselves through cyber education and, most importantly, preparedness. Organizations that develop backup and remediation plans can give themselves options that can greatly reduce the severity and length of a ransomware incident.
Like other forms of malware, ransomware often is packaged into communications that contain malware or hyperlinks to infected sources. The criminals rely on unsuspecting device users responding to prompts or following links that allow the malware to load.
As businesses and supply chains become more interconnected, ransomware is also launched through vectors such as weaknesses in third-party networks or unsecured back-ends of legitimate websites that help mobile and off-site workers access company servers.
In some cases, cybercriminals may first access a company’s network undetected. They will take time to learn how the organization operates and where its network is weakest. It may be months before they decide to launch the ransomware, but the reconnaissance can make the attempt much more effective.
Thwarting ransomware attempts begins with understanding what services and data are most valuable to an organization. If a company depends on uninterrupted service for its customers, it should explore how it could maintain service should criminals seize control of the network.
Whether a company needs to protect its finances, data, reputation or services, there are several steps to take that greatly reduce the risk and potential damage of a ransomware incident:
Then we can provide you with relevant answers.Get started