Is your Business a Target of Ransomware?

In four countries in 2016, 40% of businesses were hit by ransomware, of which, 30% lost revenue and a further 20% had to cease operations.[1] Ransomware is a form of malicious software that restricts access to your computer systems or files and demands that a ransom is paid between the restriction to be removed. The 2016 State of Ransomware report surveyed 540 CIOs, CISOs, and IT directors. The survey was conducted in four countries, 54% of the businesses in the United Kingdom were hit by ransomware, 47% in the United States, 35% in Canada and Germany concluded the four with 18%.

Ransomware is the single largest cyber-threat to businesses today and it can be very costly to its victims. 97% of IT service providers say) that small businesses are being targeted more frequently with ransomware and (that this) trend is expected to continue. Up to 31% of businesses have experienced multiple ransomware attacks in a single day.[2] Usually, cyber-criminals research and target a specific victim that they may consider a “big phish” or a “whale” (wealthy or high profile target) and deploy considerable resources to succeed in their attack. Nearly 60% of all ransomware attacks on enterprise businesses demanded over $1,000. Over 20% of attacks asked for more than $10,000, and about 1% of attacks asked for over $150,000. (More than 40% of the victims paid their ransom demands

Cyber-criminals will create different kinds of ransomware to spread by any means available. (and often look for the easiest way to infect a system or network). One (common and relatively successful) way of spreading ransomware is to send spam email that contains malicious links or attachments that are disguised as important documents or interesting files. Another (way) is to redirect internet traffic to malicious websites which may seem like legitimate websites but have malicious codes (running on) their web pages. (Ransomware’s notoriety stems from its ability to self-propagate i.e. spread from an infected computer to another.

The effects ransomware has on its victims is technological and oftentimes, financial, but it can also be psychological. Ransom payments often have a time-limit within which payment is requested to be made through a money transfer service or using an internet currency such as Bitcoin. Not meeting the deadline usually means an increase in ransom, and a possible destruction of data. The ransomware may even threaten to publicly share a business’ data online to add an unwanted element for those that would restore a back-up of their data and not worry about paying the ransom. Threats of public disclosure of prized and confidential business information usually compels enterprises that routinely back-up their data to succumb to the demands of a ravaging ransomware. Another psychological technique ransomwares employ is to trick victims with a fake law enforcement notice into paying fines for downloading or accessing illegal content.

Ransomware has proven effective in its attacks and can be challenge to deal with. The Federal Bureau of Investigation (FBI) reports that cyber-criminals net an estimated $150 million a year using ransomwares. in 2015, the bureau agreed that ransomware is here to stay. In the 2016 State of Ransomware report, 96% of U.S. organizations reported that they are not very confident in their ability to stop ransomware, and that 50% of current enterprise security measures are weak against ransomware. Almost half of ransomware incidents in the U.S. occurred on a desktop within the enterprise security environment. It is important to note that ransomware does not only target computer systems, such as desktops, servers and laptops. Tablets and smart phones, which are increasingly important devices for people and businesses, are also vulnerable to ransomware.

Wilson Consulting Group (WCG) is in the business of anticipating emerging risks and preventing ransomware attacks. WCG’s cyber-intelligence service minimizes threats to your system. We can protect your network from ransomware by supplying real-time threat detection and prevention. WCG’s services can secure your computers, tablets and smartphones in the workplace.

Wilson Consulting Group also provides comprehensive training programs designed to help businesses identify threats and protect data. Organizations that treat cyber security as the responsibility of every employee, guest, and partner will be the most prepared should an attack occurs.

[1] https://blog.malwarebytes.com/101/2016/10/the-global-impact-of-ransomware/