Blog & Tools

Beware: Ransomware is weapon of choice for cyber thieves


Ransomware has become the single largest cybersecurity threat facing most businesses, and risks continue to rise.

Other forms of malware remain significant threats, especially to small businesses. But other malware appears to have hit a wall, at least temporarily, in terms of growth, according to national security experts. The exponential growth and the relatively easy money that ransomware provides cyber thieves appears to be major reason.

Cyber thieves use ransomware to extort money from businesses. Hackers infiltrate victims’ computer networks to encrypt files or lock out legitimate users. Then, the hackers demand payment – typically in anonymous digital currency - to restore the files or users’ access.

Ransomware has evolved into a lucrative business model in the criminal world. So much so that its use grew by a multiplier of 167 – not percent, but times – from 2015 to 2016, according to SonicWall’s 2017 Annual Threat Report. SonicWall is a California-based company that sells cybersecurity products and services.

“The meteoric rise of ransomware in 2016 is unlike anything we’ve seen in recent years,” according to the company’s annual threat report. “The SonicWall Global Response Intelligence Defense (GRID) Threat Network detected an increase from 3.2 million ransomware attack attempts in 2014 and 3.8 million in 2015 to an astounding 638 million in 2016.”

SonicWall notes, for example, that the selling of ransomware services is making attacks available to an increasing pool of malware users. The company predicts that email will continue to be an effective distribution vector for ransomware in 2017 “as companies scramble to put more effective, advanced prevention systems and employee training procedures in place.”

The FBI, among other authorities, cite an increase in anonymous networking and secretive payment options as factors in the growing use of ransomware. Cyber thieves no longer have to be experts in technology to attack businesses. They can buy ready-to-use attack products secretly on the Dark Web and pay for them with untraceable currency such as Bitcoin.

Small companies generally are considered more vulnerable to cyberattacks than larger companies because they typically don’t have as large a technical staff or security budget.

The FBI has advice for businesses that deal with the risk of ransomware.

  • Make sure employees are aware of their critical roles in protecting the organization’s data.
  • Patch the operating system, software and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts. No users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory and network share permissions appropriately.
  • Disable macro scripts from office files transmitted over email.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations such as temporary folders.

To help ensure business continuity after an attack, the FBI encourages companies to back up their data regularly and to verify the integrity of the backup system. It should be secured and not connected to the computers and networks they back up.

Security experts at SDN Communications in Sioux Falls stress that in addition to having good, up-to-date security equipment, companies must regularly train all their employees well and keep training content up to date.

Most often, computing networks become infected with malware through human error and careless behavior rather than through mechanical failure, SDN points out.

To protect business networks, all employees in an organization must be trained not to click on suspicious links, for example, and they must be on guard so they’re not tricked into giving out sensitive corporate information to outsiders.

SDN offers a booklet that helps educate employees about the basics of cybersecurity. Use the button below to download a copy to share at your business.

Download The Book