Data tokens on this page
Fraud 101: How to Prepare Your Business against Malware and Ransomware
Fraud 101: How to Prepare Your Business against Malware and Ransomware
While news of data breaches involving household names receive extensive coverage, cyberattacks happen to businesses of all sizes too. To breach a company's defenses, cybercriminals employ many tools and tactics. Malware, a contraction of "malicious software," is often used to damage or destroy the devices and computer systems of individuals and organizations.
A virus is a form of malware that changes how a computer operates and spreads to other devices, as well as within a company's network. Spyware, adware, and trojans are forms of malware that can harm individuals, entities, devices, or data.
Ransomware is a particularly dangerous form of malware designed to block a user or company's access to their data until the attackers receive a ransom to relinquish their control. How big of a problem is ransomware, and what can your organization do to mitigate the risk? Read on to learn more about the exploding costs of breaches and how to address your business’s susceptibility to cyberthreats.
The increasing cost of ransomware
According to Verizon's 2022 Data Breach Investigation Report, almost 70% of breaches facilitated by malware involved ransomware. Palo Alto Networks' Unit 42, a team of researchers and security consultants, reported that in the first five months of 2022, the average ransomware payment increased by 71% to $925,162. In comparison, the average ransom payment in 2020 was $300,000, and a mere $500 in 2016.
While the average ransomware payment is just under $1 million, this value does not include the cost of responding to a data breach. IBM's Cost of a Data Breach report determined that the average cost of a ransomware attack was $4.54 million, which excludes the cost of the ransom.
How do cyberattacks happen?
While criminals' tactics can vary, attacks often involve email to deliver files laden with ransomware. Once a victim opens the email and clicks on the attachment, ransomware is installed on the user's devices. From there, ransomware can infect the company's entire network. Criminals then encrypt their victim's files, meaning they scramble the data, making them unreadable. Only the criminals possess the ability to unscramble the data using a decryption key. When a company pays a ransom, criminals decrypt the stolen data and allow the victim to regain control of their files.
Implement a plan to prevent cybercrime
As with other forms of cybercrime, prevention requires a multi-pronged approach. Here's some guidance on making it more difficult for cybercriminals to breach your defenses with a ransomware attack.
- Back up your data every day. Organizations often find themselves forced to pay a ransom to regain control of their data, as they do not possess a recent backup. Consider backing up data online, via a dedicated cloud backup service, and offline to an external hard drive.
- Keep security software and your operating systems up to date. Criminals routinely exploit known security weaknesses that organizations fail to fix. They also evolve their tools and tactics quickly to avoid detection. Update your malware and anti-virus software automatically, and consider doing the same with your operating systems.
- Educate employees about the risks of email. Since email is the primary vehicle attackers use to deliver ransomware, employees play an essential role in helping to prevent attacks. Train employees on the potential dangers lurking in unsolicited messages and what to do if they receive a suspicious email. Periodically test their knowledge and counsel those who fail to detect suspicious emails or do not participate in required training classes.
- Create a cyber incident response plan. Should an attack happen, make sure employees know how to react. Depending on the size of your company and employees' security knowledge, it may make sense to create a cyber incident response team to handle the attack. Alternatively, your company may engage a third-party security provider to respond to the attack. Regardless of the path you choose, make sure there's a plan in place.
- Engage a third-party firm to evaluate your cybersecurity program. To assess the effectiveness of your security program and uncover potential gaps before criminals can exploit them, consider hiring a third-party security firm. In addition to scrutinizing your security, the firm can share the latest threat intelligence and best practices to withstand an attack.
Ransomware attacks succeed when criminals install malware on a device or network, allowing them to encrypt files and stop your business from accessing its data. Given the exponential growth in the size of the ransoms paid, which may soon result in an average payment of $1 million, criminals will likely continue to launch ransomware attacks.
At the heart of every ransomware attack lies a company's data. Protecting your devices and networks and backing up data regularly can mitigate the risk of a ransomware attack. Cybercrime is an ever-present threat. Investing in security is critical to avoiding and withstanding an attack.
For more information on scams targeting your business, and measures you can take to protect it, visit our security page.