Coping with the Surge of Ransomware
September 13, 2016 by Bill Rosenthal

According to a report published this summer by Kaspersky Labs, the use of ransomware cryptors is enjoying explosive growth. A ransomware cryptor is a piece of malware that infects your computer and encrypts your data. You have to pay the ransom to obtain the decryption key. Kaspersky Labs says the number of users attacked by cryptors increased by a factor of 5.5 over the last year, from just over 130,000 to nearly three-quarters of a million. These attacks are not limited to desktop computers. They can infect mobile devices as well. Furthermore, the surge in ransomware seems to be targeting corporate users.

In a typical ransomware attack, the criminal will offer you the decryption key for a price and give you a deadline (usually 2 or 3 days) to pay it. If you haven’t paid by the deadline, the ransom increases. If you don’t pay by the next deadline, the criminal may delete the encryption key, making it unlikely you’ll ever see your data again.

There are variations on this scenario. In one of these variations, you pay the ransom and the criminal doesn’t provide the decryption key, because what does the criminal care whether you get your data back or not? After all, most criminals don’t choose their profession out of a commitment to customer service. In another variation, you pay the ransom, get the decryption key, and bugs in the software cause it to destroy some or all of your data in the decryption process, because what does the criminal care about software product quality?

Of course, even if you’re dealing with a conscientious criminal who attacks with bug-free ransomware and provides effective decryption keys when paid, the ransom is just the beginning of your costs. The costs of remediation, lost business, and damaged morale can exceed the cost of the ransom. If you don’t want the hassle and expense of being victimized by ransomware, have a backup strategy that backs up your files off the network. But the very best way to deal with ransomware is to not get infected by it.

A criminal can infect your system with ransomware through email phishing or a counterfeit website. Fortunately, there’s a reliable way to fight both of these vectors: ensure that your users are at least as sophisticated as the criminals. That’s not to say your users have to be technically skilled. They just need to be able to tell the difference between what’s trustworthy and what’s suspicious.

Our CyberSAFE Readiness Test can help determine your particular users’  level of sophistication and vulnerability to attack. You can access the test at no charge. Contact us at +1.800.889.8350. Once you have seen how much training your users need, you can provide it with our CyberSAFE class, which prepares your employees to identify many of the common risks associated with using conventional end-user technology, as well as how to safely protect themselves and their organizations from security risks. And now we also offer CyberSAFE Anytime through our CHOICE® platform. It combines the best of learning at your own pace with the ability to draw on support from an expert mentor. 

If you’re like most organizations, when you lose your files, you lose your business. Your employees’ ability to distinguish between the trustworthy and the suspicious may be all that stands between your company and ruin.