More

    How to Protect Your Organization from Ransomware

    Ransomware is taking organizations of all sizes by storm with a keen eye on the health care sector, as made evident by recent outbreaks in the Hollywood Presbyterian Medical Center in Los Angeles, and more recently the Methodist Hospital in Henderson, Kentucky. Although the ransom can be costly, the reality is that the downtime inflicted by ransomware can be even more damaging to businesses.

    A recent report commissioned by Intermedia found that 72 percent of employees were unable to access their files for at least two days, and 32 percent were locked out for five days or more. Richard Walters, SVP of Security Products at Intermedia, believes that companies need to take this emerging threat more seriously, and can start to do so by taking the necessary steps to minimize the damages.

    How to Protect Your Organization from Ransomware - slide 1

    Minimizing Ransomware Risks

    Click through for steps organizations can take to minimize the potential damages caused by ransomware, as identified by Richard Walters, SVP of Security Products, Intermedia.

    How to Protect Your Organization from Ransomware - slide 2

    Ransomware on the Rise

    Ransomware is one of the fastest-growing trends in cyber crime, largely due to an overall increase in processing power that makes it possible for infected computers to encrypt their own files in a matter of hours. Compounding the problem is the rise of anonymous payment systems such as Bitcoin, which makes it easy for criminals to accept payment without fear of being traced. According to Intermedia’s report, 43 percent of IT consultants have had their customers fall victim to ransomware and 59 percent of respondents expect the number of attacks to increase this year.

    How to Protect Your Organization from Ransomware - slide 3

    The Next Great Threat to Business IT

    When companies are victimized by ransomware, they then have to find a way to retrieve their data and get affected employees back to work before it significantly affects the business. While the ransom demanded can be costly at up to $5,000 per user, downtime is often even more detrimental. Intermedia’s report found that 72 percent of organizations could not access their data for at least two days following a ransomware outbreak, and 32 percent lost access for five days or more. Even worse, 19 percent of the companies that paid the ransom still didn’t get their files back. This interruption to “business as usual” can result in lost opportunities and decreased customer satisfaction that can have long-lasting ramifications on a company’s success.

    How to Protect Your Organization from Ransomware - slide 4

    The Target

    As ransomware continues to evolve, so do its targets. Nearly 60 percent of businesses hit by ransomware had more than 100 employees, and 25 percent were enterprises with more than 1,000 employees. What’s more, the virus was observed propagating rapidly within corporate networks: 86 percent of outbreaks affected two or more employees, and 47 percent spread to more than 20 people. While targeting larger businesses results in a bigger payout, every individual and company needs to be on alert – with ransomware, any type of data is vulnerable to being held for ransom. The following slides highlight five steps organizations can take to prep themselves against this pervasive threat.

    How to Protect Your Organization from Ransomware - slide 5

    Educate

    In a recent study, 94 percent of people couldn’t tell the difference between a real email and a phishing email 100 percent of the time. Business leaders should promote security awareness among their employees, and train them to be able to spot phishing emails before they click. It’s important to note that the employees are the frontline and the most vulnerable when it comes to the success of these attacks, so they should be best equipped to spot them.

    How to Protect Your Organization from Ransomware - slide 6

    Protect

    Ransomware attacks use various points of entry – including infected web pages, thumb drives or emails. While phishing tactics have typically been used to trick users into sharing sensitive information, this method is now being used to deploy ransomware. To effectively defend against these kinds of attack methods, email defense should go beyond spam and virus scanning. It should also be sophisticated enough to recognize and block phishing attempts. While you need to block every single attack, the criminals only need to succeed once. Plan in advance for how you’ll contain the damage before they do finally break through.

    How to Protect Your Organization from Ransomware - slide 7

    Contain

    Usually when ransomware hits, IT doesn’t learn about the infection until after the malware is already inside the network and the damage is well underway. If your business is a victim of a ransomware attack, your top priority should be to isolate the infection to keep it from spreading. It’s critical to take infected machines off the network immediately and to identify the source of the malware so that any security vulnerabilities can be patched.

    How to Protect Your Organization from Ransomware - slide 8

    Prepare

    Businesses should plan in advance for how they’ll contain the damage and keep business operations up and running in the event of an attack. It’s important that companies implement business continuity solutions that allow them to conduct mass rollbacks to clean versions of files, while enabling users to continue working from alternate devices. Such a solution enables employees to remain productive during a ransomware outbreak without the forced option of paying the ransom.

    How to Protect Your Organization from Ransomware - slide 9

    Decide

    Evaluate if paying the ransom is your best bet. If you have off-site, real-time cloud backup, then you will be able to dodge downtime and get back up and running without giving in to the criminal’s demands. But if you aren’t prepared for an outbreak, paying to regain access to the files may be more pocket-friendly than halting business operations for an extended period of time. Seventy-two percent of infected business users could not access their data for at least two days following a ransomware outbreak, and 17 percent were down for at least 10 days – that’s time and money that can never be regained. Can you afford to take that risk?

    Latest Articles