It seems UK businesses are raising a white flag to online extortionists. One in three medium to large businesses is stocking up on Bitcoins to prepare to pay ransom in a ransomware attack, according to new research by Citrix.
Some 35% of companies would pay up to £50,000 to regain access to important intellectual property or business-critical data in a breach, the survey reveals.
“Today’s threat landscape is more advanced, more determined and better equipped than ever before to exploit the weaknesses of organizations – many of which house a potential data goldmine,” said Chris Mayers, chief security architect at Citrix, at the InfoSecurity event in London.
Almost half of companies admit to not backing up their data daily, the easiest and most effective way to ensure recovery of files in a ransomware attack. Some 13% have even admitted to never serializing their backup data files, leaving them irretrievable in case of a ransomware offensive.
Why is this information disturbing?
The data raises concern as businesses are seemingly admitting defeat in the battle against ransomware, a threat that is continuously honing its techniques to elude anti-malware software and spreading like wildfire.
Email-based ransomware attacks directed at US users increased 5 percent in the first quarter of 2016, recent Bitdefender data shows, reinforcing the country’s position as cyber-criminals’ most-stalked target. Globally, 15.5 percent of email attachments delivered in Q1 contained some form of ransomware.
Moreover, phishing volumes in the first quarter of the year rose 800%, and 93% of phishing emails are pushing ransomware, according to PhishMe statistics.
“Thus far in 2016, we have recorded an unprecedented rise in encryption ransomware attacks, and we see no signs of this trend abating”, says Rohyt Belani, CEO and co-founder of PhishMe. “Individuals, small- and medium-sized businesses, hospitals, and global enterprises are all faced with the reality that this is now one of the most favored cyber-criminal enterprises.”
The results dovetail with recent Anti-Phishing Working Group findings showing that phishing attacks in Q1 2016 hit a 12-year high. APWG noted a 250% increase in phishing sites popping up between October 2015 and March 2016.
Key protective measures
Saving up for ransom money is definitely not a solution. The money should be spent on bolstering a proactive security budget.
Backup remains essential for companies and home users who care about their digital assets. IT administrators should set up regular offline, off-site backups to critical data in case malware finds the network connected storage and encrypts the data.
Deploying a company-wide security solution is a must, as it will help spot malicious payloads landing via drive-by attacks or spear-phishing attempts. Furthermore, malware developers have started exploiting new platforms, such as Linux. As they broaden their perspectives by targeting operating systems that have a large market share, the chances of infection increase exponentially. A security solution that can stay ahead of the constantly shifting threat landscape is indispensable.
IT administrators should also set up access control lists and restrict user permissions on endpoints to ensure employees don’t accidentally install suspicious or rogue software.