There’s a lot we could say about how 2017 was the year of ransomware, but we think Trend Micro put it well when they said “This year was the year when ransomware diversified into one of the most hard-hitting threats to affect users and especially enterprises.”

You probably heard about the large-scale attacks like WannaCry and Petya that affected conglomerates around the world, and while hacks like those certainly ramped up in intensity this year we also saw an increase in “smaller” attacks.

The number of ransomware attacks on businesses tripled last year; in other words a business was attacked with ransomware every 40 seconds. Although larger companies are targeted slightly more often, for the most part hackers are not picky about the size or industry they’re attacking.

Why is Ransomware rising?

Just as IT Security is a service that we sell to you, hackers have now started their own “services” with the product being ransomware. Easy-to-use tool kits that allow a would-be hacker to create their own malware are now readily available on the dark web. It has never been easier to attack an unprepared business than it is right now.

Ransomware is also popular because it works. 71 percent of targeted companies are successfully infected, and half of those attacks infect at least 20 employees, unfortunately making ransomware a pretty lucrative venture for the cybercriminal.

Expect this trend to only increase in 2018 until it becomes common knowledge among businesses how to prevent and stop these attacks. You can’t just install run-of-the-mill security measures on your computer and expect it to stop these advanced attacks. It’s that type of wishful thinking that hackers prey on to attack companies that think they’re safe and secure.

Even worse, now that hackers know that ransomware is so effective, they are capitalizing on it. Demands to unlock your files have risen dramatically to an average of over $1,000 per infected user. If you’re a business with 20 users you should think about if you can afford to lose $20,000 to a breach that could have been avoided with better security. Keep in mind, paying the hackers doesn’t guarantee you’ll get your files back, or that they’ll be usable even if you get them back.

What can you do about it?

In response to the growing threat of ransomware, some companies are stockpiling Bitcoin which can be later used to pay off future attackers. This is not a good idea. Bitcoin is very expensive, and paying hackers so willingly will only flag your business as a prime target because cybercriminals will know you paid the ransom.

Instead, take preventative measures to make sure you are never a subject to ransomware in the first place!

In addition to educating every employee about how ransomware is spread, especially through email, we recommend you implement these five things:

1. External email filtering
2. Firewall with unified threat management
3. Centrally managed antivirus
4. Event log monitoring and management
5. Full image backups

To learn more about cyber security and how your firm can avoid Ransomware, you can contact TOSS C3 24/7 at 1-888-884-8677.