As the number of ransomware attacks continues to increase, so does their level of automation and sophistication. According to Adenike Cosgrove, a cybersecurity strategist at Proofpoint, “a staggering amount of UK businesses experienced a phishing attack in 2021 and 91% of those attacks were successful.”
Research carried out by Proofpoint also revealed that 82% of British firms that have been victims of ransomware attacks paid the hackers to get their data back. With the global average 58%, this makes businesses in the UK the most likely to pay cyber-criminals.
How Does Ransomware Work?
Phishing attacks are the most common way for criminals to access networks. Persuading an employee of a firm to click on a link in an email that contains malware enables the hacker to access company networks. Once hackers break through the firewall, they can encrypt vital data and demand a ransom to get the information decrypted.
Research demonstrates that many organisations that have been victims of ransomware end up paying several times. Only half of the surveyed companies regained access to their data and systems. After the first payment was made to the hackers, additional money was demanded.
Although it is not illegal, negotiating with cybercriminals in this way is discouraged by governments and industry as it incentivises hackers to carry out further attacks. Tackling the crime of ransomware takes up massive amounts of time and resources for organisations such as the National Cyber Security Centre, National Crime Agency, and GCHQ.
Despite their efforts to prevent cyber-attacks and support victims, the problem continues to grow. A global coalition of technology companies and law enforcement bodies is now calling for ‘aggressive and urgent’ action against ransomware.
The Ransomware Task Force is also recommending that governments make it mandatory for victims to report if they do pay criminals, so that the true global cost of ransomware can be calculated.
Build a Culture of Security
As companies move towards the flexible modern workplace, there are simple steps that can be taken to make remote systems more secure from all types of cybercrime, including phishing and ransomware.
While traditional anti-virus software solutions try to prevent attacks, modern Endpoint Detection and Response (EDR) solutions actively discover and remediate threats across devices, desktops, and servers. This is the best way to protect you and your clients against fileless malware, document and browser exploits, malicious scripts, and credential scraping.
Bolster your business’ security with the same vendors you sell to clients. Having a certified cybersecurity system in place will keep your data—and your clients’ data—safe by protecting wireless endpoints. Benefit from your own security stack.
Register for a Crash Course in Cybersecurity
Pax8 is in your corner when it comes to your business’ security. Join us for a cybersecurity masterclass. We’ve teamed up with the cybersecurity expert and influencer, Mostyn Thomas, who will teach you the most up-to-date best practices that keep your organisation secure.
Reach out to your Pax8 Account Manager for additional information.