Why Do So Many Companies Pay Ransomware Attackers? How to Avoid Becoming a Victim

Ransomware continues to be one of the costliest forms of malware and one that continues to grow rapidly. In Q3 of 2020, there were 145.2 million ransomware attacks in the U.S., representing a year-over-year increase of 139%.

 

This form of malware often brings businesses to a standstill because they can’t access any of their data. Ransomware will make files unreadable by encrypting them or hiding them from the user.

 

In October of 2020 Barnes & Noble fell prey to a ransomware attack that impacted online customer accounts and their NOOK virtual libraries, making them unusable.

 

There are also stories about schools being unable to open on time because a ransomware infection made student attendance files and bus route data inaccessible. Companies and municipalities have also had to shut down for hours or days in the wake of this type of attack.

 

Ransomware is a type of malware that’s designed to spread quickly, moving from one device to another throughout a network and can even infect files in cloud storage. Companies that pay the ransom (27% of them), pay an average of $1,000,000 to ransomware attackers to get their files restored.

 

But those payments just embolden the attackers and encourage new ones to release even more ransomware variants. Because ransomware has worked so well for cyber criminals is why this type of malware has continued to grow, causing many companies to look at increased email security and other safeguards.

 

Ransomware can infect systems in multiple ways:

 

·        Phishing attack

·        Malicious desktop or mobile app

·        Malware injected website

·        Opening a file attachment with ransomware

·        Infected USB device

Why Do Companies Pay Ransomware Attackers?

 

So, why do so many companies pay attackers, which just continues the cycle of more attacks? There are two main reasons.

 

1. They Don’t Have a Backup

 

If a company doesn’t have a full backup of their data, then their options are limited if they’re hit with ransomware. Because of the nature of this type of code, without the decryption key, which is what hackers are selling you when they demand a ransom, it could be impossible to restore your data.

 

When a company hasn’t properly been backing up their data and doesn’t have a restorable copy to fall back on, many of them have no choice but to pay the ransom and hope the attacker follows through.

 

2. Backup Restoration Takes Too Long

 

Some companies that do have a backup of their data still end up paying the ransom because they need to have systems back up as fast as possible.

 

Not all backup programs have a fast recovery feature, and when a doctor’s office can’t access patient records or a company is facing hundreds of thousands of dollars in downtime losses, paying the ransom can seem like the fastest way to restore things back to normal.

 

However, problems with paying the ransom include that it keeps ransomware attackers in business, and you’re trusting a criminal to holdup their end of the deal.

 

Over twice as many organizations hit with ransomware got data back via backups (56%) than by paying the ransom (26%).

How to Protect Your Company Against Ransomware

 

Email Security

 

Ransomware is largely distributed via phishing email, so if you can identify it before it gets to user inboxes, you can reduce your risk of getting infected.

 

Software that identifies dangerous emails and marks them with a warning can significantly decrease your chance of a ransomware infection.

 

Have a Reliable Backup & Recovery Program

 

You can ensure a fast recovery from ransomware and avoid paying the attacker by having a copy of all your data that is quickly restorable. Make sure to include backups of cloud storage as well as computers,servers, and mobile devices.

 

Remember, ransomware spreads quickly, so you want to be protected in case all your devices are infected.

 

AI-Based Antivirus/Anti-Malware

 

Make sure all company devices have a strong antivirus/anti-malware program that can detect threats and neutralize them should a system become infected with ransomware or another form of malware.

 

AI-based antivirus programs are created to look for strange behaviors, allowing them to catch zero-day threats that haven’t yet been cataloged.

 

Employee Awareness Training

 

Your employees are on the front line when it comes to ransomware,which is spread largely through phishing emails. Make sure they understand howto identify phishing and avoid clicking on malicious links.

 

Employees should also be aware that ransomware can be hidden in mobile apps, so they should always check the manufacturer of an app before downloading it onto a device used for business.

eMailAde Can Help You Protect Against Ransomware!

 

eMailAde gives your users an immediate alert about a potentially dangerous email, so no guesswork on their part is needed!

 

You can download eMailAde Outlook for Windows right now and try it free for 30 days (no credit card required). It’s fast to install and it can start protecting your business from ransomware within 5 minutes!

 

DownloadeMailAde today!

 

 

------------------------------------------------------------------------------

 

 

References linked to:

 

https://securityboulevard.com/2020/11/40-increase-in-ransomware-attacks-in-q3-2020/

 

https://www.zdnet.com/article/why-ransomware-is-still-so-successful-over-a-quarter-of-victims-pay-the-ransom/

 

https://www.emailade.com/features

 

https://www.thesslstore.com/blog/recent-ransomware-attacks-latest-ransomware-attack-news/

 

https://www.emailade.com/blog/prepare-for-holiday-phishing-scams

 

https://www.sophos.com/en-us/medialibrary/Gated-Assets/white-papers/sophos-the-state-of-ransomware-2020-wp.pdf

 

https://www.emailade.com/get-a-quote