Businesses of all sorts have been targeted by cybercriminals hoping to make a quick buck. In the first quarter alone, attacks increased 195% from the fourth quarter of 2018. The healthcare industry is predicted to lose approximately $25 billion in 2019, just a fraction of the $1 billion annual global revenue cybercriminals get from ransomware.
Perhaps more surprising than the recent influx of attacks is the unpreparedness of cybersecurity professionals, of whom only 50% feel their organization is ready to counter the increasing numbers and complexity of these attacks.
In just the first five months of 2019, there have already been several major ransomware attacks, and that number is only bound to increase. Let’s take a look at some of the worst attacks and the impact on the business community they’ve had this year.
Cybersecurity,Email Security,Ransomware Attack,Ransomware,Managed Services
This particular ransomware first hit in August of 2018 and it has affected more than 100 U.S. businesses to date. In a matter of two weeks, cybercriminals gained approximately $640,000 in ransoms. The most prominent businesses affected include logistics companies, technology firms, and small municipalities. The method for distributing this malware usually involves remote desktop protocol and email phishing. As it turns out, in comparison to other ransomware, the payment costs and the average length of recovery are considerably higher than other attacks. With a relatively narrow distribution, experts suggest the targets of this ransomware may have been part of the developer’s plans.
Like many cities before it, Baltimore’s computer systems are currently being held hostage. This ransomware stops Windows services and disconnects all network shares from computers, meaning that each device is a target. As is the case with other attacks, critical files are encrypted and stored elsewhere until the evildoers receive the ransom. While the city had not given into the attackers’ demands as of a month after the attack, the total cost of recovery has still escalated past $18 million and could go much higher. RobbinHood does not target specific users or businesses but searches for exploitable vulnerabilities before wreaking havoc.
While ransomware is nothing new, many organizations are still trying to figure out how best to deal with these attacks — one of the main issues being whether or not to pay. The situation many businesses are put in by malware is avoidable. From applications to procedures, there are several ways organizations can combat these increasingly more common attacks.
Basic technologies your clients should be using:
- Email security with spam and malware blocking
- High-quality antivirus software and firewalls
- A secure corporate VPN for all devices
- Encryption to safeguard sensitive data
- Data backup for critical data
Procedures to implement:
- Train employees on best practices for spotting phishing emails and reporting issues with their computers. Staff members are not always the weakest link ‒ they can be your greatest asset when it comes to catching potential malware and neutralizing cybersecurity threats.
- Ensure that all security applications are kept up to date and patched properly.
A ransomware attack doesn’t have to have devastating repercussions on your clients. In fact, these incidents don’t have to happen at all if an organization is well prepared and follows a layered approach to cybersecurity. A great starting point when building those defenses is to bolster your clients’ email protections to neutralize the biggest threats.