If your business has not been impacted by ransomware yet, consider yourselves fortunate. Per a survey of 1,100 IT and cyber security professionals, as conducted by a cyber security firm in 2021, ransomware attacks hit 80% of those organizations in 2021 alone, and more than 60% of those who were targeted by the attacks paid the ransom. That is why it is important to educate your employees about the insidious threat posed by ransomware.
The first known ransomware appeared in 1989. A conference attendee distributed floppy disks to fellow attendees that contained a virus disguised as a survey. Once activated, the virus encrypted the filenames of files on the victim’s computer and instructed the victim to mail a ransom of $189 (approximately $432 in 2022 dollars) to a post office box in Panama in order to receive the decryption key.
This first attempt wasn’t very successful, but today ransomware has become one of the most common and dangerous cyber threats. In order to protect your employees from ransomware, you need to educate them about the dangers of this threat and how to avoid it.
What Is Ransomware?
Ransomware is a type of malware that encrypts files on a computer or mobile device, then demands a ransom payment to unlock them. The ransomware can spread through malicious emails, infected websites, or by being installed unwittingly by someone who opens an infected attachment or clicks on a link that has been spoofed so that it appears to come from a legitimate source. Less common, but still possible, is the spread of ransomware via USB thumb drives (and before that, as mentioned above, floppy disks).
When targeted at individuals, the ransom is usually small, only a few hundred dollars. However, when targeted at businesses, cybercriminals can demand thousands or sometimes even millions of dollars. In addition to the ransom itself, the cost of ransomware also includes the time your business is shut down while your systems are being restored, as well as the costs of conducting your incident response and data recovery.
Ransomware has become a more common threat in recent years, as cybercriminals have become more sophisticated in their tactics. Per the FBI’s Internet Crime Complaint Center, there were 2,084 ransomware complaints from January to July 2021, a number that was “a 62 percent increase in reporting and 20 percent increase in reported losses compared to the same time frame in 2020.”
These attacks cost both consumers and businesses an estimated $16.8 million in losses, and this number may be less than the actual costs, given that many companies do not report ransomware attacks for fear of negative publicity or continued attacks.
How to Educate Your Employees about Ransomware
One of the best ways to protect your organization from ransomware is to regularly train your employees about what to look for in a suspicious email and what actions they should take if they believe they have been sent a malicious email or other communication.
Employees should be aware of the signs of a ransomware attack, because ransomware operators typically conduct “dry runs” to probe a company’s IT security before launching the actual attack.
Your employees should undergo at least an annual training on how to identify risky emails and attachments. IT departments should send out periodic “test” emails to employees that are designed to simulate potential ransomware or phishing emails, in order to evaluate the effectiveness of this training or to establish a baseline to determine if training is required. If any employees fail to recognize a risky email, they should be trained or retrained as necessary.
Also, all employees should be trained on the importance of maintaining secure identity and access management protocols – for example, creating strong passwords that are changed every 2-3 months. You could also consider implementing a password manager program.
Furthermore, as company policy, all technology used for company business – whether onsite or in the homes of employees – should contain applicable antivirus and firewall security. If necessary, a secure VPN with multi-factor authentication should be installed and utilized.
What Else Should We Do to Protect Against Ransomware?
Another important step is to ensure that your IT department has prepared for a cyber attack and has a robust disaster recovery plan in the event that a ransomware attack is successful. All key company data should be securely backed up to the cloud and accessible from an alternate location in the event that your onsite machines or any virtual machines become unusable due to a ransomware lockout.
If you need assistance with any of the above, we can assist in creating and administering a thorough training program for your employees, educating them in strong cybersecurity practices and the signs of potential ransomware attacks, or in evaluating and strengthening your backup and retention practices.
These programs can be tailored to the needs and elements of specific departments, depending on the type and sensitivity of information they handle. For example, the accounting department could receive specific training on how to spot a fake invoice containing a virus from a spoofed vendor email.
We can also evaluate your current protections, including the current knowledge of employees regarding responsible cybersecurity protocols. We can recommend solutions if deficiencies are discovered and assist you in implementing and even managing those solutions.
Help protect your business and educate your employees by contacting Socium Solutions today.