The threat of ransomware, in which hackers infect devices with a virus and hold data hostage until a sum of money has been paid, is only getting worse. According to Cybersecurity Ventures, global ransomware damage costs are predicted to exceed $5 billion (£38 billion) in 2017, up from $325 million (£247 million) in 2015.
Even with the increased publicity and impact of global ransomware attacks like WannaCry and Petya, and emerging strains such as Bad Rabbit, awareness still lags behind. About one-third (31%) of office workers admit they aren’t familiar with ransomware. This is not for lack of effort among companies though, with 70% of office workers saying their businesses regularly communicate about cyber threats and nearly one-third (30%) saying their businesses specifically highlighted the WannaCry ransomware attack as an example.
While education helps with confidence in detecting ransomware, employees aren’t always instructed on what to do if they are a victim. As a result, employees hit by ransomware may take actions that could dramatically undermine their businesses’ security efforts – and damage their bottom line.
Employees shoulder costs of ransomware payments more often than employers. Of the office workers that have fallen victim to a ransomware attack at work, the majority (59%) paid the ransom personally, and 37% said their employers paid, demonstrating employees and employers alike don’t feel like there is an alternative to paying the ransom.
For those whose businesses highlighted WannaCry specifically and have been hit by ransomware, surprisingly 69% still paid a ransom themselves, further highlighting that most office workers don’t know what to do if they are hit.
– More than 73% of Millennial workers affected by ransomware, often viewed as the most computer-savvy group of employees, report paying a work-related ransom.
– 68% of impacted owners / executive management said they personally paid a work-related ransom.
“Employees are willing to go to great lengths to try to get data back, including paying ransoms out of their own pockets, even though 19% of the time the data isn’t released even after the ransom is paid. Organizations need to focus education efforts not just on what ransomware is, but what steps employees should take if they are impacted. Regular communication is especially important right now with new malware strains like Bad Rabbit posing as seemingly harmless Adobe Flash updates. There are steps that can be taken to not only prevent these attacks from happening, but also, should one occur, to get the data back without paying the ransom. Simply put, the growth in ransomware attacks is fueled by the people and organizations willing to pay a ransom,” said Jonathan Levine, CTO at Intermedia.
“As ransomware continues to evolve and become more advanced, organizations of all sizes and types must acknowledge it as a very real threat,” Levine continued. “This is especially true for SMBs that may not have the resources, tools or training that larger organizations use to recognize, prevent and protect themselves from such attacks. Ransomware can infiltrate and shut down an entire business through just one infected computer. More often than not, SMBs feel they are forced to pay a ransom they can’t, but must, afford. And hackers realize this.”
Much of the pain and agony ransomware inflicts can be prevented. Even once the initial damage is done, educated employees can still help to contain the infection by closing their computer to get it off the network.
WHAT SHOULD BUSINESSES DO?
Employees need to know about the dangers of dealing with cybercriminals directly. Businesses cannot let shame or lack of knowledge drive their employees to feel like paying a ransom themselves is even an option. Simultaneously, businesses should have a continuous backup product. This will reduce the file restoration process to minutes. Productivity won’t be held at a standstill, and businesses won’t need to pay the ransom in the first place.