The latest reports about global cyberthreats are alarming. Ransomware is on the rise, and small and mid-sized businesses are the victims.
Incidents of ransomware, which holds your data hostage until you pay up, increased a shocking 167 times in 2016. That’s 167 times (not 167 percent), from 3.8 million attack attempts in 2015 to 638 million in 2016, according to cybersecurity company SonicWall.
Cybercriminals turned to ransomware in 2016 because it’s easy money. While the number of unique malware samples actually fell last year, ransomware-as-a-service (RaaS) now provides hard-to-trace toolkits for crooks to use.
Pay Up or Else
A separate report shows that to date, ransomware works. According to a survey by Ponemon Institute and Carbonite, more than 50 percent of small and medium-sized businesses fell victim, and 48 percent of victims paid the ransom. Moreover, ransomware pays off quickly, typically in about 2 days, and with the spread so fast, cyber criminals earn on volume. Victims paid an average $2,500 per incident—but it adds up.
For a lot of companies minding their own business, it seems preposterous that they’ll be attacked by cyber criminals. What could you possibly have that they want?
That’s the thing with ransomware: cybercriminals don’t really want your data. But they know you do, and that’s what gives it value.
Unfortunately, if you use a computer—and don’t take adequate steps to protect it—you’re at risk. According to the SonicWall report, industries as wide ranging as mechanical and industrial engineering, pharmaceuticals, financial services and real estate each experienced a similar proportion of attacks.
3 Layers of Protection
So how do you protect your company’s IT systems from ransomware?
At Echopath, we use a three-layered approach for IT Security:
1. Cloud-based Secure Internet Gateway
As business and users have moved to the cloud, traditional firewall approaches for corporate networks are not enough. We protect at the DNS (domain) level over all ports and protocols. Also, the platform routes requests to risky domains for deeper URL and file inspection, and should devices become infected, it also prevents connections to attacker’s servers in order to stop data exfiltration and execution of ransomware encryption.
2. Email Security
Email phishing is the primary distribution strategy for ransomware. Our email gateway detects and blocks malicious emails by analyzing attachments, documents and URLS before they are delivered to users computers.
3. Device and Endpoint Security
Traditional antivirus software is a pain, for two big reasons: first, it only really works if every device has updated with the latest information, and second, it often slows down desktop PCs. The solution we use communicates with the cloud, so there are no big definition or signature updates to deploy, and the malware detection occurs continuously, in real-time, without performance issues.
Together, these three layers of defense actively monitor and protect against ever-shifting ransomware and malware threats.
Aside from educating employees on what ransomware looks like and what not to click—hardly foolproof considering the lengths ransomware goes to mimic legitimate sources—companies should also have plans in place in case they do, in fact, click what they shouldn’t.
Companies hit by ransomware typically don’t pay up if they have alternative sources of the same data that is held hostage. A solid backup and disaster recovery plan, with sufficient Recovery Point Objectives, will ensure you have the option of restoring a recent version of your data, without paying a cent.
Ransomware presents a real and growing threat to businesses of all sizes. If you don’t have a plan in place, contact us to discuss how we can help protect you.