Almost two-thirds of US office workers unaware of ransomware threat
Nearly half of ransomware attacks are aimed at office workers, but almost two-thirds of those polled in the US are unaware of the threat
More than 60% of US office workers are unaware of ransomware and the threat it poses to business, a survey has revealed.
Infections of ransomware, which encrypts critical data and demands payment for its release, are typically triggered by office workers clicking on malicious links in legitimate-looking emails.
Ransomware can lead to temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and potential harm to an organisation’s reputation.
Lack of awareness about this increasingly popular type of malware is exposing businesses to a rapidly growing threat, according to the survey report commissioned by security firm Avecto.
The survey, of more than 1,000 office workers in the US, was aimed at gauging the level of security awareness and security education in the workplace.
It also revealed that 39% of respondents either have no confidence that their employer has measures in place to protect them against cyber threats or they are unaware of what their employer is doing to safeguard their online safety.
While 58% of those surveyed feel their employer regularly updates them on cyber threats, more than a quarter (28%) said security education is rare or only provided after something has gone wrong, when it is often too late.
The prevalence of ransomware has significant implications for the business community, with 4,000 ransomware attacks occurring every day, according to US government statistics, reportedly earning cyber criminals more than $208m in the first three months of 2016 alone.
According to a report by security firm Symantec, ransomware attacks are becoming more targeted and a number of ransomware groups have begun using advanced attack techniques, displaying a level of expertise similar to that seen in many cyber espionage attacks.
The average ransom demand has more than doubled to $679, up from $294 at the end of 2015, and the number of new ransomware families discovered has been steadily increasing since 2011, with 100 new families discovered in 2015.
The advent of ransomware as a service means more cyber criminals can acquire their own ransomware, including those with relatively low levels of expertise, the report said.
The report also showed that 43% of ransomware victims between January 2015 and April 2016 were employees in an organisation.
Paul Kenyon, co-CEO at Avecto, said the survey findings should act as a wake-up call to the business community. “Employees might be a company’s greatest asset, but they are its greatest risk too,” he said. “Ransomware is a very real threat to businesses and we need to do more to educate employees on the risk of attack from the internet, or even business applications that are used every day.”
Have measures in place
Prevention is better than cure, said Kenyon, and to defeat these threats, it is vital to have proactive security measures in place and not rely on cleaning up after the attack.
“Good security starts with solid foundations on the endpoint, and unfortunately this is the area where many organisations still fall down,” he said. “Getting the basics right, and ensuring employees are well educated on the latest threats, is fundamental. Cyber security is a collective responsibility and we need to work together to stand up to cyber crime.”
UK guidance on ransomware hosted by the new National Cyber Security Centre (NCSC) recommends that organisations frequently create offline backups for essential data.
Creating backups means that if an organisation’s data is encrypted, it will be able to recover crucial information that might have been affected.
Organisations are advised not to pay ransoms because there is no guarantee the data will be returned, and even if it is, the integrity of any ransomed data would be highly questionable.