Ransomware Costs Companies Millions. Don’t Be The Next Victim
Business is booming - especially for hackers looking to use their attacks to generate income.
Ransomware attacks rose significantly in 2017, growing 350% over the previous year, according to research from Dimension Data. This growth means that ransomware went from 1% of malware to 7% in just one year. Experts don’t expect it to slow down in 2018.
Biggest Corporate Attacks
2017 was a banner year for ransomware attacks, as the WannaCry attack hit companies around the globe, including FedEx and Nissan in May 2017. The Petya ransomware followed in June 2017, attacking Merck & Co., Heritage Valley Health System and Maersk, among other global companies.
Healthcare organizations are particularly vulnerable to these attacks. Ransomware attacks grew 89% from 2016 to 2017, according to an article on HealthcareInfomatics.com. The six largest attacks in the healthcare industry were all ransomware.
This trend is continuing in 2018, with healthcare organizations across the country reporting attacks. In California, 85,000 patient records were affected at the Center for Orthopaedic Specialists when hackers shut down their systems and encrypted patient data, according to healthcareitnews.com.
Earlier this year, Hancock Health in Indiana had to pay $47,000 to unlock its patient data after SamSam ransomware infected the hospital’s IT systems. The hospital’s leadership chose to pay the ransom instead of trying to recover their systems on their own in order to minimize any disruption in patient care, according to HealthcareITNews.com.
Why Employees May Be Your Weakest Link
More hackers are looking to social engineering to find exploitable vulnerabilities, according to research by Dimension Data. Many of these attacks use emails to get unsuspecting employees to click on attachments or links with malware.
Almost 70% of UK ransomware attacks can be traced back to email or social media, according to scmagazineuk.com. About 50% of these cases were due to employee negligence, and in some cases employees even paid ransom without company authorization.
Employee inexperience or carelessness is expected to remain the top cause of successful malware attacks, the article said. This just reinforces the need for employee education programs in conjunction with advanced anti-virus and anti-malware software.
How To Protect Your Organization
Ransomware will continue to be a major threat for businesses, so it’s important to hold employee education programs on this topic. Show employees examples of suspicious emails and links and reinforce the importance of not clicking on links or opening attachments from unknown sources.
You can also send out simulated phishing attacks to test your employee’s awareness and see how often the emails are clicked, according to an article on Wired.com.
Backing up critical business information daily ensures you can restore systems that are infected in a malware attack and limits the damage done. Following other best practices such as keeping your anti-virus and anti-malware software current, whitelisting applications and segmenting servers to prevent potential damage also help minimize damage done by a ransomware attack.
Communicate Instantly To Help Limit Damage
Regardless of how prepared an organization is, there’s still a good chance a ransomware attack will be successful. As part of your overall cyber threat planning, companies need to be able to communicate with all their employees immediately.
Look for a system that will allow you to reach out to every employee on multiple channels so you can instantly alert them of the threat, have them shut down any infected systems or applications and tell them what alternate systems they can use instead.
Take action and stop ransomware attacks as soon as possible. Learn how reacting immediately to cyber threats and IT outages is just one way to improve your service desk response times. Download our new eBook to learn more.
You are well on your way toward protecting your staff and organization.
Take the next step toward protecting your organization by learning more about emergency notification systems and the vital role they play in your emergency preparedness plan.