Insights & White Papers

Threat Actors’ favorite source of quick cash

By Business Threat Intelligence Group

Business Threat Intelligence

Ransomware is still a real and costly threat to businesses. Don't fail to implement basic information security controls and rely solely on backup and recovery methods to restore data. We have five tips to help protect against this compromising threat.

Ransomware: A Threat Actors’ favorite and repeatable source of quick cash

Ransomware is a real and costly threat – ransomware damages reached $5 billion in 2017. Some surveys have shown that ransomware losses for businesses can average $2,500 for each incident, with companies willing to shell out upwards of $50,000 to decrypt their data.

The brazenness, prominence, and frequency of ransomware attacks have increased in recent years. Cryptolocker, Cerber, Dridex, Locky, and WannaCry are just a few examples.

A wily type of malware that has been around for 30 years, ransomware seems like it would have been obsolete by now.  But the rise of cryptocurrency has helped ransomware gain ground as identifying the receiver of payments becomes harder.

Average Business Cost of Ransomware Attack are High

While the stats are not completely due to different disclosure duties and laws, experts estimate that more than half of businesses paying ransoms may not actually receive their data back.  One study notes that 45% of US companies hit with a ransomware attack paid the hackers, but only 26% of them had their files unlocked.  The average estimated business cost of a ransomware attack, including ransom, work loss, time spent responding, is more than $900,000.

Given that ransomware has been around for a while, shouldn’t there be a security patch, anti-virus, or anti-malware tool to detect, prevent, and mitigate this threat?   There indeed are many tools available.  The problem rests with an inadequate information security strategy.

Avoid Ransomware Attacks with Best Practices

Many information technology shops fail to implement basic information security technical controls and rely solely on backup and recovery methods to restore data. One of the most effective ways to protect against compromise is by limiting what someone can do when they get onto a machine. Consider enforcing these best practices within your organization:

  • Don’t allow general users to connect to the local administrator account
  • Limit what software can be allowed on the system
  • Update software, servers, and applications
  • Implement a training and awareness program that focuses on social engineering
  • If a user falls victim to a ransomware attack, the infection process must be thoroughly analyzed to determine the path of attack and system vulnerabilities

Liberty Advisor Group has the Experience to Help

With decades of threat intelligence experience from CIA and NSA operatives, Liberty Advisor’s Group experts have been detecting and thwarting the activities of even the most devious threat actors, helping protect entities ranging from government agencies to Fortune 500 companies.  We have the experience to arm you with the right information and tools so you can make critical decisions and operational changes in real-time.

By Business Threat Intelligence Group