Cybercriminals are constantly seeking new ways to make a profit and circumvent security mechanisms implemented by individuals and organizations alike. In the past, viruses and later malvertising trojan horses used to dominate the malware landscape, but over the last few years a new form of malicious software, called ransomware, has become so prominent that its global damage costs are predicted to reach $11.5 billion annually by 2019.
What is Ransomware?
Ransomware is a type of malware that denies access to the victim’s data unless a ransom is paid. Most ransomware attacks start with a phishing scam that tricks the victim to download and open a ransomware trojan disguised as a legitimate file. More aggressive ransomware attacks exploit unpatched security holes in operating systems and software applications to accomplish the same without the need to trick users.
Once a ransomware trojan has taken over the victim’s computer, it begins to stealthily encrypt all non-system files, making them inaccessible without a decryption key, which the attackers provide in exchange for a ransom. After all files have been encrypted, a pop-up message typically appears on the victim’s computer screen, displaying instructions on how to pay the ransom. The payment is typically made using cryptocurrency, such as Bitcoin or Monero, which makes it virtually untraceable.
Cost of a Ransomware Attack
According to Symantec, the average ransom demand was only $522 in 2017, making it affordable even for individual users, which is exactly what cybercriminals want. However, the true cost of ransomware incidents is much higher. The State of Endpoint Security Today report published by Sophos discovered that businesses lose an average of $133,000 in recovery costs following ransomware incidents due to business-related costs like downtime, emergency response and lost opportunities.
This explains why 65 percent of companies pay a ransom when they are hit by ransomware, according to research from Trend Micro, even though 66 percent of companies say they would not pay a ransom to criminals under any circumstances. “The official position of law enforcement agencies is never to pay a ransom,” says Gary Sockrider, Principal Security Technologist at Arbor Networks. “But if you talk to ransomware victims they sometimes say explicitly that they were advised to pay the ransom.”
How to Protect Against Ransomware
Because not all ransomware utilizes advanced and sophisticated encryption algorithms, some victims have been able to decrypt their files using free ransomware decryptors, such as those hosted by the No More Ransom! project, which is a joint effort of law enforcement and IT security companies.
Unfortunately, the files encrypted by many ransomware trojans are impossible to decrypt, making strong defense the best protection against ransomware. Individuals and organizations alike must keep their operating system updated and refrain from giving administrative privileges to unknown software.
Since most ransomware attacks originate via phishing scams, employers must educate their employees about safe use of company IT resources. Organizations should also proactively monitor their network and have the technological means to stop ransomware attacks from spreading across the network.
How Vology Can Help You Stay Protected
Vology offers a full breadth of Managed Security Services and a 24/7/365 Security Operations Center (SOC) designed to protect against the latest threats, including ransomware. With our help, you can rest assured knowing your network is continuously monitored by our highly skilled security personnel.
Ransomware attacks have emerged over the last few years as the most devastating form of cyber attack, costing organizations around the world billions each year. Fortunately, Managed Security Services Providers, such as Vology, make it easy for small to mid-sized businesses (SMBs) to effectively protect themselves from ransomware as well as other dangers that are lurking in the cyber world.