To prevent ransomware, companies need to focus on giving their employees actionable security awareness training that educates, empowers, and motivates. For this to happen, it’s important that employees understand the facts around ransomware and the deep impact it can have.

At a young age, we were taught to look both ways when crossing the street and to be aware of what is around us and where threats and danger could possibly be coming from. Similarly, to effectively prevent ransomware, companies need to create a culture of awareness that gives employees the means to protect themselves and the organization from cyberattacks and threats.

8 Ways To Prevent Ransomware

  1. Focus on your people.
  2. Educate your employees.
  3. Develop cyber security heroes.
  4. Prioritize behavioral change.
  5. Make security awareness training available.
  6. Communicate continuously
  7. Keep security awareness training interesting.
  8. Strengthen IT department defense strategies.

Continue reading for additional details.

What is Ransomware?

In order to prevent ransomware your users first need to be able to recognize it and learn how it happens. Ransomware is a type of cybercrime that holds data for ransom. Cybercriminals use malware to lock access to data on computer networks, mobile devices, and servers, forcing victims to pay to free their data.

No one is safe from ransomware attacks. Cybercriminals target companies, individuals, and organizations such as hospitals, educational institutions, governments, and police departments.

The most common method for launching a ransomware attack is with a phishing or spear phishing email that encourages the recipient to click a link, download an attachment, or visit a website that is infected with malware.

Once the malware has trapped the data and, in many cases, shuts down the entire computer network, criminals demand payment. Typically, criminals demand payment in Bitcoin – cryptocurrency that cannot be traced. To make matters worse, often when victims pay the ransom, the criminal ups the payment stakes and demands more money before unlocking the data.

Ransomware has become such a large threat that the FBI released a special alert in October 2019 to help raise awareness of ransomware.

Ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent. Since early 2018, the incidence of broad, indiscriminate ransomware campaigns has sharply declined, but the losses from ransomware attacks have increased significantly, according to complaints received by IC3 and FBI case information.

Although state and local governments have been particularly visible targets for ransomware attacks, ransomware actors have also targeted health care organizations, industrial companies, and the transportation sector.” (High-Impact Ransomware Attacks Threaten U.S. Businesses and Organizations, October 2,  2019)

How Much Damage Does Ransomware Cause?

The damage caused by ransomware is far-reaching, hurting companies and organizations beyond the cost of paying to release their data.

According to the recent Coveware Q2 Ransomware Marketplace Report, the damage done by ransomware can be divided into two primary costs: recovery costs and downtime costs. Coveware reports that the downtime costs of a ransomware attacks are on average 5-10 times the actual ransomware payout. These downtime costs include lost productivity, cancelled contracts, and the loss of industry confidence.

Preventing ransomware must be a priority, as evidenced by these Coveware research statistics:

  • 6 days is the average number of downtime days.
  • $36,295 is the average ransomware payment.
  • 8% of data is never recovered.

It’s important that companies and their employees understand that ransomware does more than force a payment – it in effect causes the organization to stop functioning.

Consider these examples of real-world ransomware costs:

  • The 2017 WannaCry attack on the United Kingdom’s National Health Services (NHS) infected over 200,000 computers and forced hundreds of NHS facilities to temporarily close. This resulted in the cancellation of thousands of medical appointments and operations, relocation of current patients, and in the interruption of on-going health care for NHS patients.
  • Tech company Nuance revealed that a 2017 ransomware attack cost the company $68M in refunds to customers and an additional $24M in recovery costs.
  • Maersk, a Danish transportation and logistics company experienced $300M of loss due to business interruption. The trickle-down impacts of the forced ransomware downtime included a 20% drop in shipping volume and the re-install of 4,000 servers, 45,000 PCs, and 2,500 applications in 10 days.

Admittedly, it can be hard to visualize the short- and long-term impacts of a ransomware attack. To help you start a discussion about the threats of ransomware with your colleagues, watch our on-demand webcast: Ransomware – Move from Beware… to Be Aware.

How Does Ransomware Happen?

Ransomware typically happens when someone in the organization or company inadvertently clicks a link or attachment that results in these common ransomware attack methods:

  • Downloader: infiltrates a computer and then downloads additional malware to attack the computer or device.
  • Malvertisement: fake criminal advertisements are displayed on real websites and when clicked, sends the victim to a website hosting an exploit kit that uses computer or network weaknesses as the entry point.
  • Phishing or Spear Phishing: emails use social engineering tactics to trick victims into downloading and opening infected attachments.
  • Self-Propagation: ransomware that spreads across a computer network, infecting any computers, servers, or devices on the network.
  • Traffic Distribution System: redirects website traffic to a website that hosts an exploit kit and then installs the ransomware with drive-by-download malware.

Watch the on-demand webcast to learn more about how cybercriminals take advantage of human nature to trick us into clicking links and responding to emails without thinking twice.

How to Prevent Ransomware

To prevent ransomware, companies must be proactive in raising employee awareness and understanding of how ransomware happens. When employees understand the real impact of ransomware, they become invested in keeping their organization (and themselves) alert to cyberattacks.

Prevent ransomware from hurting your company and employees with these eight keys to cyber security awareness:

  1. Focus on your people.
    Your employees are your first line of defense against ransomware. Take advantage of gamification, microlearning, and ransomware simulation tools to engage and empower employees.
  2. Educate your employees.
    Use real-life scenario-based training to teach your employees how and when to open attachments from senders they do not know.
  3. Develop cyber security heroes.
    Foster a culture that encourages behavior changes that create internal cyber security heroes who are motivated to keep your organization safe and secure.
  4. Prioritize behavioral change.
    Create a corporate culture that encourages cyber security awareness learning, discussion, and openness that helps employees slow-down and carefully review emails, attachments, and advertisements.
  5. Make security awareness training available.
    Make it easy for employees to participate in cyber security awareness training. Give employees the training that fits with how and when they learn.
  6. Consistent communication.
    Provide ongoing communication and campaigns about ransomware, cyber security, and the risks that come in emails, text messages, and attachments.
  7. Keep security awareness training interesting.
    Use a flexible and personalized training delivery model that uses gamification, microlearnings, simulations, animated videos, and interactive online training.
  8. Strengthen IT department defense strategies.
    Make sure all employees are installing the latest recommended software versions, that employees are not using at-risk third-party applications, create a regular backup process, and remove any system vulnerabilities.

At Terranova Security, our priority is to provide companies cyber security awareness training tools and programs that work. We want to see an end to cyberattacks and are tired of reading articles about the increasing rates of ransomware and other cyber threats.

 


 

Webcast
Ransomware – Move from Beware… to Be Aware

We want what you want – a safe, secure, and empowered organization that is cyber security aware, ready, and engaged. Watch the on-demand webcast Ransomware – Move from Beware… to Be Aware, so you can start an internal discussion about how to prevent ransomware in your company