The Evolving Threat of Ransomware
The meteoric rise of ransomware has garnered substantial attention over the past decade and for good reason: the malicious software attacks can cripple their intended targets.
Now, recent data is shedding light on an evolving threat – while overall ransomware infections have decreased, enterprise infections have grown by nearly 12 percent in 2018 and account for 81 percent of total attacks.1
With danger on the doorstep for millions of businesses both large and small, precautions and counter measures must be put into place to protect critical infrastructure and data.
What Is Ransomware?Ransomware is a malicious software created to deny access to a computer system until a ransom is paid. Ransomware can be spread in a variety of ways: a phishing email that appears as a legitimate invoice, image or link, a visit to an infected website or an ad containing malware than has been injected into a legitimate webpage. When an unsuspecting victim opens an email or inadvertently falls into an online trap containing ransomware, the virus is silently installed on the victim’s computer.
Ransomware manifests in different ways. Lock screen ransomware displays a window that prevents access to any part of the computer until a ransom is paid, while file-encrypting ransomware keeps the computer available but scrambles certain files and databases, then displays a pop-up screen with instructions on how to buy a private decryption key that will unlock the scrambled files.
Business ImpactBusinesses remain a growing target due to the susceptibility of employees – in fact, some studies suggest phishing emails are clicked eight to 20 percent of the time, depending on content.2 To make matters worse, phishing grew nearly 41 percent in 2018.3
In a recent survey, 66 percent of business decision makers have indicated they are ‘very to extremely concerned’ about the risk cyber threats pose to their business.
45 percent of businesses effected by ransomware ultimately paid the hackers, but only 26 percent had their files unlocked. The average cost of an attack – including the ransom fee and associated business losses – totaled more than $900,000.4
Protection From an AttackThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends the following steps to protect yourself or business from a ransomware attack:
About The Author: With over twenty-five years experience, Pat Thompson, CPCU, is a respected veteran of the property and casualty insurance industry. His commercial lines underwriting experience and independent agency ownership make him qualified to properly mitigate risk of any business.