Security Experts Say It’s Never a Good Idea to Succumb to Ransomware

April 21st, 2016

Ransomware has been much in the news due to the dangerous escalation in these types of attacks. Much attention has focused on healthcare attacks but all industries are vulnerable.

Recently reported ransomware victims include the U.K. Parliament, email service providers, a non-profit that helps people with disabilities, and even police departments. Some of the targets wound up paying the ransom, generally in cryptographic currencies, such as Bitcoin, to restore access to their data or systems. But security experts say it’s never a good idea to succumb to these demands.

The bad guys typically use malware to encrypt an organization’s data and then demand money from their targets to decrypt it. Decline to comply by a certain deadline and the ransom may go up – and so too may the risk that the hackers will delete the private key on the malware control server needed to decrypt the files. Ransomware also may work by locking a user’s screen until payment is made.

The 2016 Crypto-Ransomware Report, a survey of 275 IT vendor experts conducted by Researchscape International, found that more than 40% of respondents have seen their customers become victims of these attacks, and that the malware has infiltrated more than 20 different industries. Nearly 60% said they expect the number of attacks to increase in some degree this year.

Those companies with the most to lose from the attacks were in:

Fighting Ransomware

It’s pretty clear that your organization should be ready to confront the ransomware threat, whether hackers target individual employees’ systems and the networks they have access to or the company’s network at large. The first step, of course, is educating end users about how ransomware can creep up on them via:

Employees should guard against these potential attacks as they would any other kind of malware, starting with common-sense steps – avoid clicking on suspicious links in emails, for instance.

IT’s part in combating attacks against both individual users and enterprise networks includes keeping up with core security tasks that sometimes aren’t as rigorously adhered to as they should be. IT teams, for example, need to:

The job is undeniably getting harder. According to recent research, ransomware attacks that encrypt all the data they can access are a more attractive method to hackers in comparison to individual end user attacks. These measures destroy local backups beforehand for an extra punch and come with a lump-sum payout requirement to let victims recover data.

This approach lets hackers avoid the higher costs and labor of maintaining the infrastructure for persistent attacks, and if they operate fast, they can more speedily receive payments from victims.

Ransomware authors are likely to develop ransomware with faster and more effective propagation methods in order to maximize impact and probability of receiving payment. Companies can anticipate a trend towards ransomware that can self-propagate and move autonomously through a network to devastating effect.

Serious Repercussions

Paying can seem appealing to those who are unprepared for a ransomware attack, but there can be more serious problems associated with taking the easy way out. Several underground hacker sites keep track of those who have paid. Once a company is known to have paid up, they can expect to be targeted by even more attackers more often.

Clearly, IT security teams are going to have to get more sophisticated in their approach to what is likely to become a much tougher problem. They’ll have to consider how they can become more proactive in detecting these and other forms of advanced malware, for example, such as continuously monitoring their systems and networks in a unified fashion for malicious software and behavior anomalies specific to their environments.

Lawmakers are also proposing legislation that makes it a crime, punishable by fines and prison time, to knowingly introduce ransomware into a computer or network. But most businesses would prefer to shore up their defenses against these pernicious threats and avoid the courtroom drama in the first place.

Learn how Masergy’s professional security services and managed security services can help you bolster your network defenses.

David Venable

David Venable, Vice President of Cyber Security at Masergy Communications, has over 15 years experience in information security, with expertise in cryptography, network and application security, vulnerability assessments, penetration testing, and compliance. David is a former intelligence collector with the National Security Agency, with extensive experience in Computer Network Exploitation, Information Operations, and Digital Network Intelligence. He also served as adjunct faculty at the National Cryptologic School.

Related Content

Transform with Certainty: Masergy’s New Branding Spotlights Confidence in Service Experience

As the pioneer in software-defined networking, Masergy’s new brand crystallizes the value we deliver--helping enterprises transform with certainty.

Read more

How to Invest Wisely in Digital Transformation with Technology Chains

In focusing too narrowly on single technologies, IT leaders miss out on the aggregate benefit of technology chains. The key is to ensure tight integration across all layers of the IT ecosystem with a technology value chain.

Read more

Masergy Announces 2020 STEM Scholarship Opportunities–Students Apply Now!

Masergy supports students with inventions making an impact on society. A new STEM scholarship will award $10,000 in total prizes to innovative college students. Get the application details.

Read more