Ransomware is the latest buzzword concerning IT security these days, and it is a serious problem for businesses of all sizes. However, small- and medium-sized businesses are hardest hit as ransomware attacks against businesses continue to rise. Later, we’ll look at how serious the problem of ransomware is viewed by law enforcement and the steps they are taking to thwart the problem.
Last year, 2015, was a boom year for ransomware and malware. Symantec, an internet security firm, reports there were 430 million new and unique pieces of malware in 2015, representing a 36 percent increase from the prior year, which amounts to more than 1 million new malware versions created daily throughout the world. Like a bad cold, malware can spread among computer users relentlessly, thus making it necessary for law enforcement and computer firms to work together toward the eradication of ransomware.
Why Is Ransomware So Pervasive?
It seems that on a daily basis a large corporation or government entity is victimized by ransomware. But when they are hit, the national media becomes involved. What is not well publicized is that small- and medium-sized businesses also are targets of cybercriminals using ransomware,
Ransomware started when some criminals began to attack personal computer users. The mode of entry was email, and once the email message was opened or a file downloaded, malware locked your computer or its data and software in an encrypted format. To get your stuff back, you paid a ransom that was usually a small amount – say $50 to a few hundred dollars. It soon became apparent to cybercriminals that bigger payoffs were to be had than a home computer user might possess, and they moved away from personal users to companies of all sizes who could pay more and had pressing needs for their data. So, they began asking for larger sums from businesses, and many paid – causing the problem to grow.
What Can Businesses Do to Prevent a Ransomware Attack?
Ransomware occurs in three different ways. They are:
- Opening or downloading an attachment from an unknown sender.
- Visiting a website that hosts ransomware even if the site appears legitimate.
- Connecting an already infected device to the company system. This can be by employees who access the system with their own device or vendors that have system access for orders, invoicing and other paperless transactions.
What Are the Authorities Doing?
In the United States, the Federal Bureau of Investigation (FBI) is charged with fighting ransomware. As far back as 2014, the FBI and European law enforcement agencies worked with one another in a fight against a certain strain of ransomware known as Cryptolocker. The person behind the ransomware was arrested and convicted. Concerning this incident, Deputy Attorney General James M. Cole, said:
“This operation disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data. We succeeded in disabling Gameover Zeus and Cryptolocker only because we blended innovative legal and technical tactics with traditional law enforcement tools and developed strong working relationships with private industry experts and law enforcement counterparts in more than 10 countries around the world.”
Recently, the overseas arena became harder on cybercriminals as the Dutch National Police, Europol, Intel Security and Kaspersky Lab launched a new initiative to fight ransomware and cybercriminals called “No More Ransom.” As techniques are found for decrypting locked systems and files, the solutions are posted on the No More Ransom site and allows anyone who needs to unlock files and systems free access.
Puryear IT is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news. Contact us at (225) 706-8414 or send us an email at firstname.lastname@example.org for more information.