Imagine you receive an e-mail that looks normal and ordinary upon opening. There’s an attachment included, so you download it since the e-mail comes from a business and appears harmless. However, after downloading the attachment, your computer freezes up and is inaccessible. What just happened? You became a victim of a ransomware attack and your hardware was seized.
Ransomware has been around for years and continues to be a major worldwide security issue for both businesses and consumers. Ransomware is spread by hackers who send what appear to be normal e-mails, but in reality, the links or attachments that are included within the e-mail are malicious. Once the user clicks or downloads items within the e-mail, their hardware is compromised by malware, making it impossible for the user to access their computer. In order for the computer to become unlocked, the hacker will request a ransom that can range anywhere from $60 up to thousands of dollars.
Vanson Bourne, a technology market research company, recently interviewed several organizations that experienced a ransomware attack. They found out approximately half of the organizations that were polled had suffered a ransomware attack within the past year. 94% felt the attack negatively impacted their organization - causing an increased budget towards IT security (67 percent), a modification of their current IT security strategy to focus on mitigation (52 percent), or caused a weakening in confidence within their current online security solutions (45 percent).
The same survey also revealed the top three ransomware targets – employee information (42 percent), financial data (41 percent), and customer information (40 percent).
“Ransomware has become one of the most successful forms of cybercrime in 2016 and is on the top of every security professional’s list of most prolific threats,” said Jeremiah Grossman, Chief of Security Strategy at SentinelOne. “It’s not surprising to see high levels of apathy towards traditional antivirus software, and we don’t expect the ransomware epidemic to slow down anytime soon.”
So how exactly were these hackers able to gain access to these organizations? 81 percent of respondents were attacked through a social media account or a malicious email. Around half of the respondents were attacked via a drive-by-download by clicking on a corrupt link while 40 percent were infected by a botnet via a computer.
“As they have for decades, cyber-criminals continue to illegally access sensitive data by simply tricking users. This problem has not been addressed nor can it be solved by adding more firewalls and end-user trainings,” concluded Grossman. “To make a positive impact, both customers and vendors must make real changes to the defense tools they use and design. It’s clear that there’s an immediate need for a new generation of security technologies that can discover, stop and adapt to the new breed of threats and hacker strategies.”
Another study conducted by Barkly, an endpoint protection company, surveyed 60 different businesses that were also attacked by ransomware. They found out that 95 percent of ransomware attacks were able to avoid firewalls and 77 percent of attacks were able to get through email filtering. In addition, 52 percent of the ransomware incidents bypassed anti-malware, exposing a major hole in cyber protection.
Ransomware has proven to become one of the main threats regarding security. Businesses of all sizes can become victim to a ransomware attack, so it is vital to have the right solutions in place to protect your business.