Ransomware is not a new phenomenon but for cybercriminals it has become a popular technique to use. In a ransomware attack, cybercriminals block access to a business or individual’s computer system and hold data hostage until a ransom is paid. Here, cybercriminals have just one goal - to receive payment from the victim. Even if the victim is able to pay the ransom, there is no guarantee the criminal will provide the decryption key to release the data.
Recently, ransomware attacks have become significant threats to corporations, cities, and even nations. In the third quarter of 2019, the average ransomware payout increased to $41,000, a 13% increase from the second quarter. Also in 2019, 55% of SMBs paid cybercriminals to recover their stolen data. If nothing else, 2019 proved that ransomware is still a profitable business for cybercriminals and it will continue to get worse.
How is it Getting Worse?
Ransomware attacks are tempting to cybercriminals because they know that once a company is attacked, the company is prone to pay the ransom and get back to business as quickly as possible.
Once receiving the ransom, cybercriminals gain more confidence and are tempted to keep attacking other organizations because it proves to be a lucrative opportunity. Moreover, ransomware offers cybercriminals a smaller chance of getting caught compared to other malware attacks, especially if they demand bitcoins as payment because of the anonymity the virtual currency provides. As these attacks have been getting worse, the FBI recommends not paying the ransom because it increases the criminal’s confidence without guaranteeing a decryption key to recover the data.
Practice Basic IT Security
Many organizations become victims of ransomware attacks due to the lack of software updates and cybersecurity awareness trainings. Practicing basic IT security will help prevent a majority of ransomware and other malware attacks. Here are a few steps you can take:
- Create effective backups in case you do become the victim of a cybercriminal
- Use multi-factor authentication for all employees to access your network
- Educate and train your employees to recognize suspicious emails
- Have a clear plan for how to respond to an attack, should one occur
Unfortunately, there will still be organizations who will fall victim to ransomware attacks as cybercriminals become more sophisticated, organizations continue to pay the ransom, and the pace of attacks increase. Ignoring basic IT security allows cybercriminals to profit off your business. Your best line of defense is to take every necessary step to reduce the growing risk ransomware attacks present.
Because of the constantly evolving threat landscape, Tabush Group has a comprehensive service to protect both your systems and your users. Our Premium Defense Service offers additional security to anticipate and prevent cyberattacks.