Your BBB® has written about the topic of ransomware before, but a new study by IBM Security, “Ransomware: How Consumers and Businesses Value Their Data,” sheds more light on its impact.
According to the news release announcing the study, the FBI estimated that cybercriminals made $209 million in the first three months of 2016, which puts them on track to make nearly $1 billion by the end of 2016. The perpetrators often demand payment in bitcoins, a digital currency, to avoid being traced.
The costs don’t end with the ransomware payment, according to the data breach insurance company Beazley. Companies and consumers also have to pay for a thorough review of their systems and data to make sure the malware has been removed and the data is clean.
The FBI listed ransomware as one of the leading cybersecurity threats in 2016. If you’ve ever been surfing the web and suddenly your computer screen freezes with a pop-up message—supposedly from the FBI or another federal agency—saying that because you violated some sort of federal law your computer will remain locked until you pay a fine, you’ve been the target of a ransomware scam. In a variation of the scam, you get a pop-up message saying that your personal files have been encrypted and you have to pay to get the key needed to decrypt them.
The FBI defines ransomware as “an extortion technique used by cybercriminals where data on computers and other devices is encrypted and held for ransom until a specified amount of money is paid.” The IBM study found that 70% of businesses infected with ransomware have paid ransom to regain access to their data. On the other hand, 50% of consumers said they would not pay to regain access to personal data or devices aside from financial data.
The IBM study found that businesses and consumers were more likely to pay the ransom if financial data was involved. In addition to financial reasons to pay, 55% of parents said they would pay to regain access to their family digital photos. Another concern for parents was losing access to gaming devices used by their children.
The author of the IBM study, Limor Kessem, said, “The digitization of memories, financial information and trade secrets require a renewed vigilance to protect it from extortion schemes like ransomware.” Here are some tips from Kessem and the FBI to protect businesses and consumers:
- Be Vigilant: Don’t click on links or open attachments from an unknown source.
- Back Up Your Data: Make sure backups are secure and not constantly connected to the live network, and test them regularly. Store the backups offline.
- Disable Macros: Macros from email and documents should be disabled by default to avoid infection.
- Use a popup blocker.
- Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).
- Patch and Purge: Maintain regular software updates for all devices including operating systems and apps.
- Use the same precautions on your mobile phone as you would on your computer when using the Internet.
BBB also has a Cybersecurity microsite, “5 Steps to Better Business Cybersecurity,” a training program for business owners to help them understand how best to identify and protect their business’s vital data and technology assets, and how to detect, respond to and recover from a cybersecurity incident.
For more information you can trust on cybersecurity and other topics, visit bbb.org/evansville.