In the spirit of Data Privacy Day and raising awareness around safeguarding data against cybercriminals, here are three things all businesses need to know about ransomware, fast.
1. Ransomware is spreading like wildfire.
Ransomware is the fastest growing malware threat facing businesses today. The number of ransomware families has increased by 600% just in the last year, infecting organizations around the world small and large, including healthcare providers, retailers and governments. According to a recent survey, more than 50 percent of small and midsized businesses (SMB) have been victims of ransomware, costing them an average of $2500 per attack.
Cybercriminals use this nasty and effective type of malware to hold business-critical systems and data hostage until a sum of money is received. The FBI estimated the cost of ransomware in 2016 at $1 billion. As criminals become more targeted, stealthy and destructive in their attacks, businesses are increasingly at risk.
2. Phishing emails are all the rage.
Cyber-attackers rely heavily on phishing emails to deliver ransomware. In fact, 43% of SMB ransomware victims surveyed last year blamed phishing and social engineering as the root of the attacks. Phishing emails work because they look and seem real, like a message from the IT department or an invitation to connect on LinkedIn. The trick is they are laced with malicious links and/or attachments designed to get the recipient to disclose personal information (like a password) or unknowingly download ransomware and other types of malware. While companies are at risk as a whole, the greatest vulnerability when it comes to ransomware attacks are the employees that make up these companies. These end users are the prime target for cybercriminals – it only takes one employee to compromise an entire organization.
3. Outdated software is still a problem.
99% of computers use software (such as Oracle Java, Adobe Reader, Adobe Flash, Google Chrome, Internet Explorer) that is vulnerable to ransomware attacks if not updated. Criminals bank on the fact that users are not regularly updating their software with patches they receive from vendors. They plant ransomware on websites and take advantage of software vulnerabilities to launch attacks on visitors using outdated software. Using outdated software means at any given time you’re just one click away from being infected by ransomware.
Ransomware is spreading like wildfire. Phishing emails are all the rage. And outdated software is still a problem. Now, what to do about it? Check out the PCI Security Standards Resource Guide on Defending Against Ransomware for security best practices to protect your data.