According to recent research conducted by ESET (one of the best security vendors), more than 1/3 of businesses have been attacked by ransomware or know a company that has.
ESET polled almost 200 cyber security experts at the yearly InfoSecurity Europe conference in June 2015. The poll found that 84 percent of all companies believe their business would be completely destroyed if it were badly hit by ransomware.
Also, 31% (almost one third) admitted that if their business networks were attacked they would have no option other than paying the attacker in order to have mission-sensitive information decrypted.
Although every ransomware variant tries to extort cash from the target, the variants go about it in slightly different ways. Early versions included fake ‘police-themed’ ransomware, which dresses up its demands to look like official warnings from the regional police office, demanding payment of a fine to resolve a made-up violation.
Reveton is perhaps the most prominent ransomware of this type.
More recently, ransomware authors have introduced even nastier versions, which normally encrypt the target’s data until a ransom is paid, after which the target gets the decryption passcode.
CryptoLocker and CryptoWall are among the most notorious variants of this sort.
In fact, earlier this week a notice from the FBI claimed that CryptoWall has cost American targets more than $18 million since April 2014.
The Feds urged consumers to keep their firewalls and antivirus software up to date, to avoid clicking on suspicious-looking web content and emails, and to back up system documents continuously, in order to reduce the risk of ransomware.
In April 2014, an innovative cyber security expert released a Ransomware Response Kit to help IT admins respond more quickly to such ransomware attacks.
ESET’s cyber security specialist, Mark James, recommended that companies stay up to date with their OS (operating system) and apps, and make sure to install only the applications they require.
He told Infosecurity that educating staff members is also very important, so that they can easily spot email scams.
James explained, “The single biggest step you can take is to ensure you have a good point-in-time backup in place that has been tested to ensure it’s working. Regular restores are a must to ensure you can retrieve your data when it’s most needed. Having a good internet security product will help you mitigate the chance of actual infection in the first place so should be in place for all machines that access your network and/or the internet.”
“Having tiered network access could limit the damage of ransomware but is not always practical. Showing hidden file extensions can help to spot the onset of ransomware and lastly you could consider using one of the crypto-prevent toolkits that are available from third parties to monitor or block access to the most used locations that ransomware uses. Please consider the fact that paying the ransom is just funding crime and ideally should not be a consideration at all,” he added.
To sum up the report on behalf of Security Gladiators, I can say corporate security risks vary a great deal, but ransomware accounts for a considerable part of this cake.