For the enterprise, ransomware is a two-pronged challenge: Not only are enterprise assets under attack by bad actors, enterprise end users present ample opportunities for breaching security. Thanks to an uptick in social engineering attacks, i.e. emails or phone calls that can trick users into offering sensitive information or downloading a malicious software package, user behavior presents a significant vulnerability to the enterprise when it comes to ransomware.
As if the situation isn’t already bad enough, hackers are getting smarter, developing more customized and targeted approaches to separating users and companies from their money.
Smart hackers also are increasingly targeting business systems, where they can affect daily operations, along with profit and revenue streams. According to Cybersecurity Ventures, businesses will fall victim to a ransomware attack every 11 seconds by 2021, up from every 14 seconds in 2019, and every 40 seconds in 2016.
They are also getting smarter about the way they devise and implement their ransomware. For example, they take their time in encrypting files, which helps avoid detection by traditional tools. They are getting better at writing code and using multiple processes to perform the encryption, both of which stymies anti-ransomware efforts. They are focusing more on encrypting hard drive instead of individual files. And because so many users now are more wary about clicking on email links, hackers are embedding links in other types of files, such as Word documents, photos or PDFs.
Ransomware perpetrators also are getting braver. A recent report from Coveware found that ransom demands are getting higher, rising 89 percent from last year to this year. It also found that attackers are specifically targeting high-value systems using more manual methods, which can result in greater damage to businesses.
If you’re discouraged, you’re in good company. But there are ways you can protect your company from getting infected in the first place. Our guide walks you through the how-tos for protecting yourself, what to do if your enterprise is infected, and how to handle ransom demands.