Arsgera - Fotolia
With ransomware attacks soaring, IT organizations need to have an effective defense in place and focus on ransomware security awareness.
The Kaspersky Security Bulletin published reports that between January and the end of September 2016, ransomware attacks on businesses increased threefold. Essentially, this translates into the frequency of ransomware attacks ramping up from an incident every two minutes to one every 40 seconds, driving the need for today's focused ransomware security awareness.
The FBI estimated ransomware is approximately a $1 billion-a-year business -- and growing. But the nature of the attacks, which prey as much upon end-user naiveté as system vulnerabilities, is vexing organizations that aren't sure how to most effectively safeguard their assets.
As in all areas of IT security, a successful defense starts with effective policy and end-user education. While ransomware attacks on both consumers and businesses are making more headlines, end users are often still unaware how their own behavior -- visiting questionable sites or clicking on links in an unsolicited email -- can expose their systems to malware that locks their screens or encrypts files.
End users need to be aware of what to look for and what to avoid -- namely clicking on any link in an email that looks remotely suspicious. And, of course, it is absolutely crucial that organizations keep their antimalware software up to date.
In the event an organization falls victim to an attack, it may be tempting to avoid the consequential psychological warfare and just pay the ransom. Unfortunately, even if that particular business gets access to its data upon payment and is never attacked again, giving in to the attacker's demand will only serve to encourage future attacks on others.
There are sources available to assist enterprises under attack, including those from law enforcement. Businesses can also seek counsel from experts in the industry as they work on ransomware security awareness. One source is the No More Ransom Project, an online portal founded by cybersecurity vendors and organizations that provides ransomware attack victims with tools they can use to decrypt their breached files. Site organizers claim the project has helped 6,000 companies targeted in ransomware attacks save more than $2 million.
Doxware ransomware vs. extortionware
Ransomware prevention may be a losing battle
Protecting hospitals against ransomware
Dig Deeper on Network Access Control
Related Q&A from Amy Larsen DeCarlo
Homes now have more connected devices, which could become targets for hackers. Consequently, work-from-home employees should take certain steps to ... Continue Reading
Network management and security have become even more intertwined now that more employees are working from home. How can enterprises ensure they are ... Continue Reading
While Simple Network Management Protocol tracks network devices, Remote Network Monitoring tracks traffic. As a team, SNMP and RMON are essential for... Continue Reading