In 2016, there was a staggering increase in ransomware attacks. In fact, according to a recent report by SonicWall, the number of attempted attacks increased from 3.8 million in 2015 to a staggering 638 million in 2016.
Ransomware is a specific type of malware designed to block a user from being able to access critical files on their computer or server. This is done by either locking the computer screen or, as is increasingly the preferred modus operandi, encrypting certain critical files and demanding a ransom for their decryption. This crypto-style ransomware is highly prevalent, continuously evolving – and has proven to be very lucrative for cyber criminals.
According to Symantec’s 2016 Internet Security Threat Report, between 2015 and 2016 the threat of ransomware evolved beyond a focus on PCs to include smartphones, Mac and Linux systems. Even smart TVs and smart watches are not immune to ransomware attacks.
SMEs hardest hit
While not all attacks are reported, tracking those that are paints a worrying picture. It’s estimated that in the first quarter of 2016 alone, about $209 million was paid in ransoms by individuals and organisations (and less than half of those victims actually got their data back). While the majority of ransomware attacks occur in the US, South Africa is listed in the Top 20 most-targeted countries.
Toward the end of last year, Kaspersky Lab also reported the number of ransomware attacks targeting companies increased threefold between January and September 2016 – with one attack occurring every 40 seconds. According to the report, small and medium sized businesses are hardest hit.
Disgruntled employees getting their own back
Of particular concern to businesses and organisations is the threat of disgruntled employees using ransomware to get back at their former employer. Such attacks are usually done with greater knowledge of an organisation’s back-end systems and intellectual property – with potentially catastrophic results.
Protect your business
So where do you even start when it comes to protecting your business-critical data from ransomware? Prevention is always the best line of defense. Here are some key guidelines:
- Have a robust offline back-up system and ensure back-ups are done regularly so a ransomware recovery strategy is in place at all times.
- Ensure you have up-to-date anti-virus and security software installed on all devices that have access to your company data.
- Ransomware always targets the weakest link in the security chain – people. So educating your staff and IT department is absolutely essential. Your staff should be able to recognise suspicious websites, dubious emails and attachments.
- Be restrictive in how you give employees access to shared resources. Not all employees need the same access rights. It’s also recommended to segment your network in order to prevent a single breach from infecting the entire system.
In the event of your company data being held for ransom, it’s important to immediately report it to the authorities and to seek assistance from cyber security experts.
The team at Cyanre are available to help recover and restore any lost data to get you back in business as quickly as possible. With our knowledge of the cyber security landscape, we’re able to advise companies on network security and conduct in-depth investigations into any breaches. Get in touch here.