The meteoric rise of ransomware has garnered substantial attention over the past decade, and for good reason: these attacks can cripple their intended targets.
Recent data sheds light on the evolving ransomware threat: enterprise ransomware attacks increased by 78% over the course of 2021 and accounted for 81 percent of total cyberattacks from 2020 to 2021. [2,3]
With danger on the doorstep for millions of businesses both large and small, precautions and countermeasures must be put into place to protect critical infrastructure and data.
What Is Ransomware?
Ransomware is malicious software created to deny access to a computer system until a ransom is paid. Ransomware can be spread in a variety of ways: phishing emails, remote desktop applications and system vulnerabilities. When an unsuspecting victim opens an email attachment or inadvertently falls into an online trap containing ransomware, the malware is silently installed on the victim’s computer. In fact, ransom demand amounts rose 144% from 2020 to 2021, according to Unit 42 by Palo Alto Networks. [4]
Ransomware manifests in different ways. Lock screen ransomware displays a window that prevents access to any part of the computer until a ransom is paid. Conversely, file-encrypting ransomware keeps the computer available but scrambles certain files and databases, then displays a pop-up screen with instructions on how to buy a private decryption key that will unlock the scrambled files.
Businesses remain a growing target due to the susceptibility of employees – in fact, studies suggest end users will fall for phishing emails over 37 percent of the time. [5] To make matters worse, phishing attacks reached an all-time high in Q1 2022, increasing by 54%. [6,7]
In a 2022 survey, business leaders indicated that Cyber is the number one risk that their business faces, with 40% of all respondents listing cyberattacks as a serious risk.
Reports indicate that over 60 percent of businesses affected by ransomware ultimately paid the hackers in 2021, with ransom payments costing organizations an average of over $900,000 in 2022. [8,9] The average total cost for a business to recover from a ransomware attack in 2021 was close to $2 million, and businesses additionally experienced an average of approximately 24 days of business downtime due to ransomware attacks in 2022. [10,11]
Protection From an Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends the following steps to protect yourself or your business from a ransomware attack:
- Update software and operating systems with the latest patches. Outdated applications and operating systems are the target of most attacks.
- Never click on links or open attachments in unsolicited emails.
- Back up data on a regular basis. Keep the backup on a separate device and store it offline.
- Restrict users’ permissions to install and run software applications and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
- Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.
- Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
- Configure firewalls to block access to known malicious IP addresses. [12]
- Audit your network for systems using Remote Desktop Protocol (RDP) for remote communication and disable the service if unneeded. [13]
- Be sure to enable strong passwords along with multi-factor authentication for any RDP-enabled systems. [13]
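As an added example (not from the article or from CISA), the following PowerShell audits one Windows host against the two RDP items above and can switch the listener off where it is not needed. It assumes an elevated PowerShell session on Windows 10 / Server 2016 or later; the function names Get-RdpExposure and Disable-RdpListener are chosen here, not standard cmdlets.

```powershell
# Registry locations Windows uses for the RDP listener and its NLA setting.
$script:TsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$script:TcpKey = "$script:TsKey\WinStations\RDP-Tcp"

function Get-RdpExposure {
    # Reports whether RDP is enabled, whether Network Level Authentication
    # (NLA) is required, and whether the inbound firewall group is open.
    [CmdletBinding()]
    param()

    # fDenyTSConnections: 1 = RDP disabled, 0 = RDP enabled.
    $deny = (Get-ItemProperty -Path $script:TsKey -Name fDenyTSConnections -ErrorAction Stop).fDenyTSConnections
    # UserAuthentication: 1 = NLA required before a logon screen is shown.
    $nla  = (Get-ItemProperty -Path $script:TcpKey -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication
    # Any enabled inbound rule in the built-in "Remote Desktop" group exposes TCP 3389.
    $fwOpen = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Direction Inbound -ErrorAction SilentlyContinue |
                Where-Object { $_.Enabled -eq 'True' }).Count -gt 0

    if ($deny -ne 0)        { $finding = 'OK: RDP disabled' }
    elseif (-not $fwOpen)   { $finding = 'OK: RDP on, but inbound firewall rules are off' }
    elseif ($nla -ne 1)     { $finding = 'REVIEW: RDP reachable without NLA' }
    else                    { $finding = 'REVIEW: RDP reachable; confirm strong passwords and MFA' }

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        RdpEnabled   = ($deny -eq 0)
        NlaRequired  = ($nla -eq 1)
        FirewallOpen = $fwOpen
        Finding      = $finding
    }
}

function Disable-RdpListener {
    # Turns RDP off and closes its firewall group; safe to run repeatedly.
    # If RDP must stay on, enforce NLA instead (UserAuthentication = 1).
    [CmdletBinding(SupportsShouldProcess)]
    param()
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Disable RDP listener and firewall rules')) {
        Set-ItemProperty -Path $script:TsKey -Name fDenyTSConnections -Value 1
        Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'
    }
}

# Usage: review the finding first, then decide.
Get-RdpExposure | Format-List
# Disable-RdpListener -WhatIf   # shows what would change without changing it
```

Run Get-RdpExposure across a fleet with Invoke-Command to build the inventory the audit step asks for, and only call Disable-RdpListener on hosts where RDP is confirmed unneeded.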
Businesses may also want to look at their insurance needs to make sure they’re covered against ransomware and other types of cyberattacks. For example, The Hartford offers products and services that businesses can access for cybersecurity services, employee training and education to reduce cyber risks.