With ransomware attacks soaring, IT organizations need to have an effective defense in place and focus on ransomware security awareness.
The Kaspersky Security Bulletin published reports that between January and the end of September 2016, ransomware attacks on businesses increased threefold. Essentially, this translates into the frequency of ransomware attacks ramping up from an incident every two minutes to one every 40 seconds, driving the need for today's focused ransomware security awareness.
The FBI estimated ransomware is approximately a $1 billion-a-year business -- and growing. But the nature of the attacks, which prey as much upon end-user naiveté as system vulnerabilities, is vexing organizations that aren't sure how to most effectively safeguard their assets.
As in all areas of IT security, a successful defense starts with effective policy and end-user education. While ransomware attacks on both consumers and businesses are making more headlines, end users are often still unaware how their own behavior -- visiting questionable sites or clicking on links in an unsolicited email -- can expose their systems to malware that locks their screens or encrypts files.
End users need to be aware of what to look for and what to avoid -- namely clicking on any link in an email that looks remotely suspicious. And, of course, it is absolutely crucial that organizations keep their antimalware software up to date.
In the event an organization falls victim to an attack, it may be tempting to avoid the consequential psychological warfare and just pay the ransom. Unfortunately, even if that particular business gets access to its data upon payment and is never attacked again, giving in to the attacker's demand will only serve to encourage future attacks on others.
There are sources available to assist enterprises under attack, including those from law enforcement. Businesses can also seek counsel from experts in the industry as they work on ransomware security awareness. One source is the No More Ransom Project, an online portal founded by cybersecurity vendors and organizations that provides ransomware attack victims with tools they can use to decrypt their breached files. Site organizers claim the project has helped 6,000 companies targeted in ransomware attacks save more than $2 million.
Doxware ransomware vs. extortionware
Ransomware prevention may be a losing battle
Protecting hospitals against ransomware
Related Q&A from Amy Larsen DeCarlo
With help from telecom providers and connectivity, hybrid cloud networking enables organizations to add network capacity by tapping into public cloud... Continue Reading
Network traffic analysis has evolved to incorporate machine learning techniques that help identify network security threats in real time and expedite... Continue Reading
As they monitor and filter network traffic, some firewalls can provide some pretty advanced security controls. But added packet inspection can slow ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.