In recent years we've seen increasing numbers of companies fall victim to ransomware that encrypts a compromised computer's files, threatening to delete them all if a Bitcoin ransom isn't paid to the attacker. Even police departments have been strong-armed by cyber bullies into shelling out ransom payments.
While coughing up the money may encourage attackers to continue their campaigns, it's tough to blame organizations for either not wanting to lose their data or receive negative press on their security posture.
New variants of ransomware keep popping up, skirting anti-virus systems and haunting security pros.
A recent study conducted by Malwarebytes indicates that this is a primary cause for concern. Of the 685 IT decision-makers surveyed, 38 percent indicated that ransomware had the most severe impact on their organization, moreso than advanced persistent threats. The same report also indicates that 84 percent of respondents believe that traditional AV lacks in addressing modern threats.
So, is there an answer to this proven threat? For TK Keanini, CTO at security firm Lancope, there's a logical one: Back up your data. If organizations treated ransomware as “just a drive failure” they'd be better off, he says.
“When you look at the economics, it is most of the time cheaper to have a cloud backup system on a yearly subscription than to pay the ransom, and with the backup, you get all the other added benefits,” Keanini says.
It may seem like a one-size-fits-all solution, but a recent alert issued by The Internet Crime Complaint Center shed light on a new attack that uses ransomware to drop trojans and keyloggers, thus adding a new layer to this already disruptive threat. Thanks to that attack, miscreants netted more than $179 million from victims
in the U.S. and 45 other countries.
While it's essential to ensure enterprises are equipped to handle malware threats, Christopher Budd, threat communication manager at Trend Micro, believes that so long as ransomware's brutal efficiency and effectiveness surrounding its “data destructive qualities” continues, this threat will likely proliferate in various forms.
“Ransomware has shown time and again that it's more than willing to ‘pull the trigger' and cause permanent harm and heartache if the criminals don't get what they want – and sometimes even when they do,” Budd says.