The business segment is becoming a more and more attractive target
for ransomware developers. Ransomware is malware which renders existing
files unusable through encryption and asks for a ransom to make them
usable again, with a decryption key.
According to a Kaspersky Lab report based on Kaspersky
Security Network (KSN) data, the number of attacks against the
corporate sector in 2015 to 2016, compared with 2014 to 2015, grew
six-fold: from 27,000 to 158,000. This works out to ransomware trying to
encrypt the data of every tenth B2B user, the company said.
Cyber-criminals using ransomware have begun to attack businesses more frequently,
particularly small and medium-sized companies. This trend is confirmed
by the IT Security Risks 2016 study from Kaspersky Lab and B2B
International, during which 42% of respondents from small and
medium-sized businesses agreed that crypto-malware (ransomware) was one
of the most serious threats they faced last year.
For small companies, any data unavailability, however brief, can lead to
significant losses, or bring their entire operations to a halt. If a
company has not been taking due measures to ensure the safety of its
important information, purchasing the decryption key from
cyber-criminals can be the only way to recover data. However, this does
not guarantee complete data recovery, or even any data recovery at all.
Kaspersky Lab experts recommend that small and medium-sized companies should follow several simple safety rules:
• Make regular backup copies of all important files. Companies should
have two backups: one in the cloud (for example Dropbox, Google Drive,
etc.), and another on an additional server or on removable media if the
data volume is not too big.
• Trust well-known service
providers who invest in security. Such providers will share security
recommendations on their websites, and publish third-party security
audits on cloud infrastructure. Cloud providers can have security,
availability or data leakage problems.
• Raise the
question of what to do if the cloud or security provider loses your
data. There should be transparent data backup and restore processes
together with data protection and access control.
• Avoid using only free security and anti-malware software: small
businesses expect the basic security tools offered within free solutions
to be sufficient. Free tools do provide basic protection, but they fail
to provide multi-layered security support. Instead, take a look at
dedicated solutions: they do not require a large financial outlay, but
deliver a higher level of protection.
• Regularly
update the operating system (OS), browser, antivirus, and other
applications. Criminals use vulnerabilities in popular software to
infect users' devices.
• Prevent IT emergencies -
invite an expert to configure the security solution for your company.
Small businesses usually rely on the 'techiest' person in the office to
take care of the computers, in addition to regular duties, instead of an
IT department or full-time dedicated administrator. Instead of waiting
until something breaks, use IT support from an IT service provider to
review your software and security configuration in advance.
“Crypto-malware
is becoming a more and more serious threat. Not only (can) an
organisation lose money for ransoms, but business can be paralysed
during file recovery. There is a wide attack vector including Web, mail,
software exploits, USB devices, and others. To avoid infection, your
personnel should explain where attacks come from and that employees
should not open (suspicious) email attachments, visit untrusted Web
resources or plug USB devices into unprotected computers. Anti-malware
solutions are an essential measure to avoid the majority of security
incidents,” noted Konstantin Voronkov, Head of Endpoint Product
Management, Kaspersky Lab.
Interested?
Businesses which have experienced ransomware can check whether it is possible to recover their files by using free utilities or decryptor keys from Kaspersky