5 Signs Your Organization is Vulnerable to a Ransomware Attack
Data breaches are no longer only a problem for security professionals, but for organizations as a whole. According to last year’s Official Annual Cybercrime Report, cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.
Ransomware attacks, in particular, have many organizations playing security catch-up because of the speed with which they have grown in volume and complexity. Ransomware attacks are predicted to hit every 14 seconds by 2019, and the 2018 Data Breach Investigations Report from Verizon indicates that ransomware attacks are moving beyond employee desktops – now threatening critical business systems and demanding even larger ransom payments.
The most important thing to know about ransomware attacks is that no matter how large or small your organization is, what industry you operate in or where you are geographically located: yes, you are a target. 22 percent of small businesses hit by ransomware attacks were crippled so badly they had to immediately cease operations. Local government agencies are not immune either: a recent ransomware attack cost the City of Atlanta $2.7 million. Bottom line: attackers are not just targeting the largest global companies with the deepest pockets.
To better understand how to mitigate risk, we are sharing five signs that your organization could be vulnerable to a ransomware attack:
Your business is involved in a susceptible sector
Some of the most enticing organizations to hackers are ones that provide critical services, such as in healthcare, education, law and government sectors. When data is vital for institutions, like hospitals that rely on patient data for life or death situations, or law firms that are responsible for confidential client information, criminals know they are more likely to be paid for the ransom.
Lack of employee training
Phishing remains one of the most effective ways for attackers to execute ransomware attacks, which means that your organization must put in place and maintain effective employee training and education to close this vulnerability. Ongoing cyber security training and education can convert employees from your weakest security link to your first line of defense if they better understand what to look out for and how to quickly report suspicious activity.
Demonstrating that ransomware is an organizational rather than individual threat is also critical because many employees who are targeted are reluctant to notify internal stakeholders in a timely fashion – if at all. An Intermedia survey of more than 1,000 office workers found that 59% of employees that had their computer hit by ransomware paid the ransom demand out of their own pockets – while only 37% said their employer paid the ransom. The main reason: employees were embarrassed to have fallen victim and felt paying the ransom personally would prevent the organization from finding out.
Poor access policies
Employees should only be able to access the systems and data that their job functions require. If an employee’s role does not require access to specific data, do not grant it, as these systems can contain highly sensitive documents and information. When employees are granted generous data access, an attacker who compromises any one of them gains that same access to sensitive data. Today it pays to err on the side of restricting access and evaluating access needs on a case-by-case basis.
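One concrete way to find "generous" access of the kind described above is to audit folder ACLs for write-class rights granted to broad groups. The following PowerShell function is an added example (not code from the original article): it reads the ACL of each path given and reports Allow entries that give Write, Modify or Full Control to Everyone, Authenticated Users, BUILTIN\Users or the domain's Domain Users group. The list of "broad" principals, the threshold of what counts as a write right and the sample share paths are all assumptions for illustration; it must run as an account that can read the ACLs in question.

```powershell
# Added example: flag folders where broad groups hold write-class rights.
# Assumptions: NTFS paths readable by the caller; the principal list below is
# an illustrative choice, not a standard; share paths are constructed samples.
$BroadPrincipals = @(
    'Everyone',
    'NT AUTHORITY\Authenticated Users',
    'BUILTIN\Users',
    "$env:USERDOMAIN\Domain Users"   # hypothetical domain group name
)

# Any of these bits in an Allow ACE means the principal can change or delete data
$WriteRights = [System.Security.AccessControl.FileSystemRights]::Write -bor
               [System.Security.AccessControl.FileSystemRights]::Modify -bor
               [System.Security.AccessControl.FileSystemRights]::FullControl

function Find-BroadWriteAccess {
    param(
        [Parameter(Mandatory)] [string[]] $Path
    )
    foreach ($p in $Path) {
        $acl = Get-Acl -Path $p
        foreach ($ace in $acl.Access) {
            # Deny entries do not grant anything; skip them
            if ($ace.AccessControlType -ne 'Allow') { continue }
            # Skip entries with no write-class bit. Inherit-only ACEs that use
            # generic rights (large numeric values) are not decoded here.
            if (($ace.FileSystemRights -band $WriteRights) -eq 0) { continue }
            if ($BroadPrincipals -contains $ace.IdentityReference.Value) {
                [pscustomobject]@{
                    Path      = $p
                    Principal = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                    Inherited = $ace.IsInherited
                }
            }
        }
    }
}

# Usage against constructed sample share roots; replace with your own paths
Find-BroadWriteAccess -Path 'D:\Shares\Finance', 'D:\Shares\HR' | Format-Table -AutoSize
```

Every row the function returns is a place where a single phished account could encrypt or delete data that its owner's role probably never needed to write; each one should be reviewed against a documented business need and, where none exists, replaced with a narrower group grant.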
Your employees have mobile access
The prevalence of mobile malware is increasing fast. A recent report from Kaspersky Lab found that 218,625 mobile ransomware files were detected in the first quarter of 2017, and the number of global smartphone subscribers, including business-owned smartphone subscribers, is expected to reach 3.8 billion by 2022, according to Forrester Data. Employees should promptly install phone updates, use strong passcodes and passwords, and never connect their mobile device to a public computer.
You are running a vulnerable version of Windows
Outdated versions of Windows that have not received the latest security fixes can put your organization at risk of an attack. Organizations should regularly run Windows Update to get the latest software updates, make sure anti-virus products are up to date, and set up regular automatic scans to check for malicious programs. The WannaCry ransomware attack exploited older computers and those missing recent security updates or patches.
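The checks in the paragraph above (updates current, anti-virus current, WannaCry-era exposure) can be collected into one host report. The function below is an added example, not code from the original article: it records the OS build, the age of the most recently installed hotfix, whether the SMBv1 server protocol that WannaCry spread over is still enabled, and the Windows Defender real-time protection and signature state. The 30-day patch and 7-day signature thresholds are illustrative assumptions. It uses only built-in cmdlets and assumes a local administrator session on Windows 8.1 / Server 2012 R2 or later (the SMB and Defender cmdlets do not exist on older builds).

```powershell
# Added example: one-shot patch and anti-virus hygiene report for a Windows host.
# Assumptions: local administrator session; thresholds below are illustrative.
function Get-RansomwareHygieneReport {
    param(
        [int] $MaxPatchAgeDays = 30,
        [int] $MaxSignatureAgeDays = 7
    )
    $os = Get-CimInstance -ClassName Win32_OperatingSystem

    # Most recent installed update from the Quick Fix Engineering records.
    # Note: QFE does not list every update type, so treat this as a floor.
    $lastFix = Get-HotFix |
        Where-Object InstalledOn |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1
    $patchAge = if ($lastFix) { (Get-Date) - $lastFix.InstalledOn } else { $null }

    # SMBv1 server support: the protocol WannaCry's exploit targeted
    $smb1Enabled = (Get-SmbServerConfiguration).EnableSMB1Protocol

    # Defender status; the cmdlet is missing when Defender is not installed
    $mp = Get-MpComputerStatus -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        OSVersion          = "$($os.Caption) $($os.Version)"
        LastHotFix         = if ($lastFix) { $lastFix.HotFixID } else { 'none found' }
        PatchAgeDays       = if ($patchAge) { [int]$patchAge.TotalDays } else { $null }
        PatchAgeOk         = ($null -ne $patchAge) -and ($patchAge.TotalDays -le $MaxPatchAgeDays)
        SMB1Enabled        = $smb1Enabled
        RealTimeProtection = if ($mp) { $mp.RealTimeProtectionEnabled } else { 'unknown' }
        SignatureAgeDays   = if ($mp) { $mp.AntivirusSignatureAge } else { $null }
        SignatureAgeOk     = ($null -ne $mp) -and ($mp.AntivirusSignatureAge -le $MaxSignatureAgeDays)
    }
}

# Usage: print the report for this machine
Get-RansomwareHygieneReport | Format-List
```

A host where PatchAgeOk or SignatureAgeOk is False, or where SMB1Enabled is True, matches the "vulnerable version of Windows" sign directly; running the function across a fleet (for example through Invoke-Command) turns the paragraph's advice into a measurable inventory rather than a reminder.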
Always remember to back up important data as well. All emails, incoming and outgoing, should be scanned for malicious attachments, and regular penetration tests should be conducted against your network’s security at least once a year, according to the Department of Justice.