Ransomware attacks, which use a type of malware that encrypts or locks valuable digital files and then demand a ransom payment to release those files, are on the rise. Ransomware is becoming an ever-more serious threat to the trustworthiness of internet infrastructure and business-critical IT systems. Ransomware is the new criminal business model. Due to black market economics, ransomware is not going anywhere – it’s easy to implement with high return on investment (ROI). Ransomware is less about technological sophistication and more about exploitation of the human element.
Despite repeated warnings since 2014, many individuals and organizations continue to suffer ransomware infections. For this reason, the FBI’s Cyber division recently issued an alert and new guidance on dealing with ransomware.
- Implement and follow robust data security practices.
- Train employees to be on the lookout for suspicious emails and websites.
- Establish business continuity plans that include regular system backups.
- Create and implement rigorous data retention policies to ensure that only necessary data is maintained, thus minimizing the amount of data subject to ransom.
- Don’t pay ransomware extortionists. Paying a ransom doesn’t guarantee an organization will get critical data returned. More importantly, paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity.
Prevention is key when it comes to ransomware. Businesses and organizations can take necessary measures to better protect digital data, and those include using a comprehensive security suite and user awareness training. But above all, ensure critical data is backed up regularly to avoid catastrophic damage.