Don't let criminals hold your data hostage
By Ken Prater, Mfrtech
It's amazing how one simple click on a seemingly innocuous email can cause such havoc and dollars. Ransomware is when a malicious software is downloaded onto your computer system and blocks access to it until you pay a sum of money. It's often downloaded when an unknowing employee clicks on a phishing email.
And it's becoming more common with ransomware attacks up 300 percent in Q1 of 2016.
It's no surprise that companies are paying this form of cyber attack more attention. A survey earlier this year of 1138 companies by KnowBe4, showed a growing apprehension over ransomware with 79% saying they are very or extremely concerned about it, compared to from 73% in 2014.
There was a huge jump in companies hit directly by ransomware at 38% in 2016 compared to 20% in 2014.
Manufacturing a Top Target
Of those directly hit by ransomware, Manufacturing companies were the most popular target with 54% of those in the KnowBe4 survey having been a victim compared with 44% in Healthcare, Education at 35%, Tech at 29% and Banking at 28%.
"Manufacturing companies are considered high-value targets to intruders interested in intellectual property and other proprietary information," says Raymond Kahre, director of marketing and programs for Sword & Shield Enterprise Security, an information security firm that protects, detects and responds to threats against sensitive data.
"They also tend to be larger, multifaceted organizations that place a premium on process and efficient operations. Ransomware by design cripples a company’s ability to restore network and file server operability. For manufacturing organizations, this can lead to production downtime which directly impacts the financial profitability of a company. Time is money. The longer it takes to restore operability, the more losses a company can expect to take. Manufacturers can see a greater benefit in paying the ransom, paying quickly, and the hijackers know this."
While the average cost of a data ransom is difficult to determine, there are examples of it being significant.
"The FBI keeps data about the costs of ransomware, but even they acknowledge that the numbers are hard to confirm as many ransomware victims do not report incidents. We’ve seen ranges from hundreds of dollars to hundreds of thousands of dollars," said Kahre.
How to Prevent Being a Victim
Mr. Kahre offers these suggestions to avert a cyber attack from ransomware.
Awareness Training and Phishing Simulation
One of the best ways to prevent your data from being held hostage is to not only help your employees recognize phishing emails but to simulate a phishing attack.
According to a report by EMA, 41% of employees still receive no security awareness training. Frequent simulated phishing attacks keep employees aware of new phishing schemes.
Add Layers of Security
Avoid the damage of ransomware by keeping all your data backed up regularly. Make sure disaster recovery plans are up-to-date and reviewed on a scheduled basis. Don't forget to monitor the network for suspicious activity, especially activity related to encrypting files.
Consider Cyber Insurance
Insurance exists that can help you mitigate losses in case of a ransomware attack.
Some simple education and prevention and thwart cyber attackers from using ransomware to stop a manufacturing operation in its tracks.