Do you want the good or bad news first? The good news is that cybercriminals are releasing fewer types of malware. The bad news? Those same people are ramping up their ransomware attacks.
According to a report from SonicWall, the number of attempted attacks spiked a whopping 167 times (not percent) from nearly four million in 2015 to 638 million last year. “That’s where the money is,” Dmitriy Ayrapetov, SonicWall’s Director of Product Management, tells CSO.
Ransomware is the new “it” thing. According to Microsoft, ransomware stops you from using your computer, bringing productivity to a halt. It then demands that you pay money to regain access to your PC or files. But even after paying, some victims report not getting all of their files back.
The Federal Bureau of Investigation (FBI) says ransomware is typically installed when a user clicks on a malicious link, opens a file in an email that installs the malware, or picks up a drive-by download from a compromised website.
Cybercriminals don’t discriminate. With their ransomware, they’re targeting home computers, endpoints in an enterprise network and servers used by government agencies or healthcare providers.
The SonicWall study found 70% of business victims paid to get their data back. Of those who paid, 50% paid more than $10,000 and 20% paid more than $40,000.
According to CNBC, a Hollywood-area hospital’s internal computer system was held hostage in 2016 for $3.7 million. The hospital admits to paying the hackers $17,000 in Bitcoin. The San Francisco Municipal Transit Authority (SFMTA) also fell victim. The crooks demanded 100 Bitcoins, or roughly $70,000.
In an email, the hackers told Forbes they breached a Windows 2000 server. They went on to say, “Company don’t pay attention to Your safety! They give your money and everyday rich more! But they don’t pay for IT security and using very old systems!”
The following steps help protect against ransomware:
- Educate and train end users about ransomware
- Use reputable antivirus software and a firewall
- Regularly back up computers and servers to either an external hard drive or an online service
- Lock down mapped network drives with a password and access control restrictions
- Download patches for web application frameworks, web browsers and web browser plug-ins
- Enable your pop-up blocker
- Don’t click links or open attachments in emails from unknown senders
- Avoid suspicious websites
If your IT infrastructure is being held for ransom, do not pay it. Symantec says you should immediately remove the impacted device from the network and restore the impacted files from a known good backup. The FBI is also encouraging all victims to reach out to their local FBI office and/or file an online complaint with the Internet Crime Complaint Center.