16 July 2016

Kaspersky offers tools to combat ransomware

The business segment is becoming a more and more attractive target for ransomware developers. Ransomware is malware which renders existing files unusable through encryption and asks for a ransom to make them usable again, with a decryption key.

According to a Kaspersky Lab report based on Kaspersky Security Network (KSN) data, the number of attacks against the corporate sector 2015 to 2016, compared with 2014 to 2015, has grown six-fold: from 27,000 to 158,000. This works out to ransomware trying to encrypt the data of every tenth B2B user, the company said.

Cyber-criminals using ransomware have begun to attack businesses more frequently, particularly small and medium-sized companies. This trend is confirmed by the IT Security Risks 2016 study from Kaspersky Lab and B2B International, during which 42% of respondents from small and medium-sized businesses agreed that crypto-malware (ransomware) was one of the most serious threats they faced last year.

For small companies, any data unavailability – however brief - can lead to significant losses, or bring their entire operations to a halt. If a company has not been taking due measures to ensure the safety of its important information, purchasing the decryption key from cyber-criminals can be the only way to recover data. However, this does not guarantee complete data recovery, or even any data recovery at all.

Kaspersky Lab experts recommend that small and medium-sized companies should follow several simple safety rules:

• Make regular backup copies of all important files. Companies should have two backups: one in the cloud (for example Dropbox, Google Drive, etc.), and another on an additional server or on removable media if the data volume is not too big.

• Trust well-known service providers who invest into security. Such providers will share security recommendations on their websites, and publish third party security audits on cloud infrastructure. Cloud providers can have security, availability or data leakage problems.

• Raise the question of what to do if the cloud or security provider loses your data. There should be transparent data backup and restore processes together with data protection and access control.

• Avoid using only free security and anti-malware software: small businesses expect the basic security tools offered within free solutions to be sufficient. Free tools do provide basic protection, but they fail to provide multi-layered security support. Instead, take a look at dedicated solutions: they do not require a large financial outlay, but deliver a higher level of protection.

• Regularly update operating system (OS), browser, antivirus, and other applications. Criminals use vulnerabilities in popular software to infect user’s devices.

• Prevent IT emergencies - invite an expert to configure the security solution for your company. Small businesses usually rely on the 'techiest' person in the office to take care of the computers, in addition to regular duties, instead of an IT department or full-time dedicated administrator. Instead of waiting until something breaks, use IT support from an IT service provider to review your software and security configuration in advance.

“Crypto-malware is becoming a more and more serious threat. Not only (can) an organisation lose money for ransoms, but business can be paralysed during file recovery. There is wide attack vector including Web, mail, software exploits, USB devices, and others. To avoid infection, your personnel should explain where attacks come from and that employees should not open (suspicious) email attachments, visit untrusted Web resources or plug USB devices into unprotected computers. Anti-malware solutions are an essential measure to avoid majority security incidents,” noted Konstantin Voronkov, Head of Endpoint Product Management, Kaspersky Lab.


Businesses which have experienced ransomware can check whether it is possible to recover them by using free utilities or decryptor keys from Kaspersky