February 07, 2017

5 Dangers of Ransomware Everyone Should Know About


Is your business taking steps to prevent ransomware attacks? 

Ransomware is a form of malware that usually enters a victim’s computer or mobile device as an attachment in an email or during a visit to a compromised website. Once inside, a cybercriminal can remotely encrypt information. With files locked down the criminal sends a ransom demand, which must be paid before a decryption key – and access to files – is provided.  

Nearly one in two business executives in a recent IBM-X Force study had experienced a ransomware attack in the workplace. The study showed that 40% of all spam emails sent in 2016 contained ransomware.

What are the some of the biggest dangers of ransomware?

Operations: With our reliance on digital information today, a ransomware attack can put everything on hold and at risk. For example, when a US medical centre was victimised last year, high-risk patients had to be diverted to other hospitals and paper records used until the ransom was paid.

Time: The longer an organisation waits to respond to ransomware, the more business functions and reputation can suffer.  

Money: Of the 54% of UK businesses targeted by ransomware in recent Malwarebytes research, more than one-third lost revenue and many closed completely. The IBM study showed that victims paid between £8,000 and £40,000 in ransom. There can be non-compliance fines too.  

Mobile: The McAfee Labs 2017 Threats Predictions report said ransomware is one of reasons why mobile malware attacks are increasing. The report pointed out that attacks are combining ransomware or locking a mobile device with stealing credentials – to allow attackers access to bank accounts and credit cards.

Small Businesses: Only 29% of small businesses have experience with ransomware attacks compared to 57% of medium-size businesses. Plus, only 30% of small businesses surveyed provide security training to their employees.

Here are best practices recommended for ransomware prevention:

  • Create a clear response plan. It should include criteria for determining whether or not to pay to unlock data.
  • Back-up data.Plan and maintain regular backup routines.  
  • Keep web browsers and plug-ins updated.Maintain regular software updates for all devices, and prioritise patching.
  • Disable macros. Document macros were associated with ransomware infections in 2016 – disable macros from email and documents to avoid infection.
  • Train staff in best practices. Don’t click on any links or attachments in emails received from an unsolicited sender, for example. Visit only reputable websites.
  • Ransomware data recovery. After a ransomware incident (and whether the ransom was paid or not), it’s important to address the fallout and to improve safeguards.  
  • Manage reputation damage. If reputation is affected, communicate to customers and the industry, engage stakeholders, and strengthen security to prevent another attack. 
  • Document management. Inventory all data and systems, and purge information and obsolete devices that are no longer needed. Work with a reliable information destruction company for secure hard drive and e-media destruction.

Learn how a comprehensive document management policy can protect your workplace with this guide.