In our blog we haven’t talked about ransomware in a long time. Today we did some research on the level of threat that ransomware generates. The projections from four different sources are stunning. So, we’re showing you the potential costs and providing some solid ideas for mitigating your risk.
- Ransomware will cost companies and individuals $6 trillion annually by 2021. (Source: Cybersecurity Ventures)
- Mac ransomware will see noticeable increase. (Source: Palo Alto Networks)
- MIT predicts cloud computing companies will see increased attacks against their systems. (Source: Computer Weekly)
- The growing threat of ransomware will expand beyond lockdown on integral files and folders to include access to networks and accounts. (Source: RSA Security)
What is Ransomware?
It’s a malicious software, or malware, that encrypts your computer data, denying access until a ransom is paid. Typically, ransomware spreads through phishing emails or an infected website.
Recovery is a difficult process and frequently requires the services of a reputable data recovery specialist. Please be advised that paying the ransom is no guarantee that you will recover your encrypted files.
Precautions
Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) recommends the following precautions to protect users against the threat of ransomware:
- Update software and operating systems with the latest patches. Outdated applications and operating systems are the target of most attacks.
- Never click on links or open attachments in unsolicited emails.
- Backup data on a regular basis. Keep it on a separate device and store it offline.
- Follow safe practices when browsing the Internet. Read Good Security Habits for additional details.
In addition, CISA also recommends that organizations employ the following best practices:
- Restrict users’ permissions to install and run software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
- Use application whitelisting to allow only approved programs to run on a network.
- Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.
- Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
- Configure firewalls to block access to known malicious IP addresses.
Also available from CISA are Ransomware Security Publication, technical guidance on How to Protect Your Networks from Ransomware, and CISA's Awareness Briefings on Combating Ransomware, Joint Ransomware Statement, and CISA Insights – Ransomware Outbreak for more information.
Taking Action
Victims of ransomware should report it immediately to CISA at www.us-cert.gov/report, a local FBI Field Office, or Secret Service Field Office.
Dean and Draper
Part of your cybersecurity plan should include cyber insurance. We are ready to answer your questions and discuss your choices.
Dean& Draper is a Trusted Choice insurance agency representing over 200 insurance companies. For over 36 years we have offered a trusted freedom of choice to our clients. ContactUs.
The recommendation(s), advice and contents of this material are provided for informational purposes only and do not purport to address every possible legal obligation, hazard, code violation, loss potential or exception to good practice. Dean & Draper Insurance Agency specifically disclaims any warranty or representation that acceptance of any recommendations or advice contained herein will make any premises, property or operation safe or in compliance with any law or regulation. Under no circumstances should this material or your acceptance of any recommendations or advice contained herein be construed as establishing the existence or availability of any insurance coverage with Dean & Draper Insurance Agency. By providing this information to you, Dean & Draper Insurance Agency does not assume (and specifically disclaims) any duty, undertaking or responsibility to you. The decision to accept or implement any recommendation(s) or advice contained in this material must be made by you.
©2020 Dean & Draper Insurance Agency All Rights Reserved.
Sources: Comparitech, CISA