If organizations weren’t serious about tightening their cybersecurity strategy to combat ransomware within the past sixteen months, the mammoth WannaCry attack launched against the world on Friday, May 12, 2017 has certainly induced them to do so. Like most enterprise security threats, there are multiple ways to combat ransomware. Some methods are more intrusive than others though.
The news is buzzing with instances of companies being taken for a ride by cyber thieves. Their new tactic? Injecting dangerous software into the organization and locking their data up until a ransom is paid. While the FBI still recommends not paying the ransom, enterprises are taking varying approaches to combatting ransomware. In this post we dive into some recent ransomware attacks and takeaways your organization can learn from them.
Last year, ransomware became a $1 billion dollar industry. If ransomware were a traditional legitimate industry it would be the focus of case studies for business schools at colleges and universities across the world. Its exponential growth has been unprecedented and its nefarious means of encrypting one’s data files to garner ransom has captured the headlines of newspapers, journals, blog sites, and news channels. One billion dollars brings a lot of attention and spotlight to something.
As we look back at the year that was, one cannot ignore the growing prominence of Ransomware within the IT Security community. The dramatic surge of ransomware attacks has been outlined within headlines all across the country as cyber criminals continue to perfect this method of extortion in which no person or organization appears to be exempt from today.
Ransomware is a flourishing IT threat, and one that can cost organizations thousands of dollars in lost data, ransomware repayments and security breaches. According to Marcin Kleczynski, the CEO of cybersecurity company Malwarebytes, "In the last six to 12 months, [ransomware] has just gone so aggressively to the business environment. We see companies from 25 people all the way to 250,000 people getting hit with ransomware."
The news is filled with examples of companies being exploited by cybercriminals’ ransomware attacks, left with their information held hostage unless they pay a hefty fine. While you may think that ransomware can’t happen to your organization, or isn’t as widespread as it may seem, think again.
At WEI we are always looking for new and comprehensive solutions to meet our customers’ changing security needs. According to Symantec’s 2015 Internet Threat Report, the number of ransomware attacks by cyber criminals more than doubled between 2013 and 2014. What can businesses do to avoid this? One piece of your comprehensive security puzzle should be to focus on network segmentation.
Newscasters seemed rattled by the news last week that Hollywood Presbyterian Medical Center paid hackers $17,000 in Bitcoin to regain access to a key system.
This is no surprise for security insiders. Ransomware for enterprises is a top trending threat. In fact, the center’s ransom pales in comparison to the $123,000 in Bitcoin demanded from a New Jersey school district in 2015; the district decided instead to rebuild systems from backups.
Security analysts say that anywhere from 3 to 40 percent of ransomware victims pay up. The FBI, the agency responsible for investigating ransomware, has no way to help. Instead, the FBI recommends paying the ransom if the victim has no unaffected backup from which to restore files. Several police departments have paid ransoms.
