Most Businesses Unprepared for Ransomware Attack
A new study published by Tripwire says that not only are most businesses not prepared to defend against a ransomware attack where hackers take over the systems of a business in order to hold them hostage until they pay money to regain access, but they are also unable to recover if an attack does happen.
After surveying 200 security experts attending RSA Conference 2016, only 38% said they were “very confident” that their company could handle a ransomware attack without the loss of critical data. Even more telling was that while the majority of respondents had seen an increase in phishing scams, they also didn’t have confidence that executives were savvy enough to recognize them.
Unfortunately, these somewhat grim findings will probably lead to more cyber criminals being paid their ransom, which ultimately leads to more ransomware, because why wouldn’t you do it again if it worked the first time. It’s a matter of whether or not it’s more cost effective to pay the ransom or start all over from back-ups, assuming a company even has back-ups. Since most ransomware has a limited time to pay before the price starts going up, there’s usually a short window to make a decision.
There was some good advice that came out of the study though. When asked what users could do to prevent ransomware, the number one answer was to not click on suspicious links. Training users to be aware of phishing scams is your first line of defense. The second most important thing was to make sure you have a back-up and restoration procedure in place and that you back-up often. Being able to restore your data quickly and efficiently could make a difference considering you may have a limited amount of time to do so.
If you think you might be at risk for being taken advantage of by ransomware, download the free Ransom Protection Checklist or sign up to receive it by mail. If you find that you might be at risk, schedule a free 10 minute Ransomware Safety Review.