Written by: Jay H.
Ransomware has dominated headlines in the past couple of years, and 2021 was no exception. Unfortunately, ransomware is only growing as a threat – and successful attacks are costing organizations even more. Many businesses that fall victim to ransomware end up paying the costly ransom in hopes of retrieving their data. However, many end up paying more than once, according to analysts at Proofpoint.
State Of Ransomware
Sixty-eight percent of organizations dealt with at least one ransomware attack in 2021. Of those impacted, almost two-thirds experienced more than three separate infections, and 15 percent handled over 10 separate infections!
Once impacted, nearly 60 percent of organizations negotiated with the attackers. Cybersecurity experts and government agencies caution against this since there is no guarantee that attackers will restore the data once they receive payments. Indeed, many of the respondents discovered this for themselves.
Only fifty-four percent of organizations that made payments regained access to their data and systems after the first payment. Thirty-two percent of respondents had to pay additional ransoms demanded and eventually regained access. However, 14 percent never got access to their data and systems, either refusing to pay further ransoms or getting ghosted by the attackers.
Since cybercriminals usually lurk within an organization’s networks for weeks or months before initiating an attack, many times they can easily return and strike again. And since they know their victims are willing to pay the ransoms, it gives them even more incentive to attack again.
Many attackers use stolen data as leverage in negotiations, threatening to publish it if they don’t receive ransom payments. This puts more pressure on businesses to pay the ransom. However, law enforcement and cybersecurity experts discourage firms from paying the ransom, since there is no guarantee of getting access to the data back and it further encourages cybercriminals.
Organizations need to prepare for the real possibility that they will get struck by a ransomware attack, whilst also preventing them in the first place.
Most ransomware attacks result from human error, with 75 percent beginning from successful phishing campaigns. As such, providing cybersecurity awareness training for all employees is one of the best measures to take to prevent attacks.
Other security measures needed to combat ransomware include:
- Enabling multi-factor authentication on all accounts.
- Requiring strong, unique passwords for every account.
- Applying updates to software, operating systems, and firmware as soon as their developers release them.
- Maintaining regular backups of your invaluable business data.
- Working alongside a managed IT service provider such as Design2Web IT to monitor your network and detect and remediate threats before they turn into disastrous ransomware attacks.
Comments are closed.