As the number of ransomware attacks continues to grow, more and more organisations are actually paying cybercriminals to regain access to their data and systems.
The number of ransomware victims succumbing to extortion has more than doubled in the past year, according to global research by CrowdStrike. 39 percent of organisations affected by a ransomware attack decided to cough up the ransom money. In 2018 this was only 14 percent.
That increase is problematic. Police and security specialists advise never to pay the ransom because it just encourages cybercriminals and gives them the financial means to carry out more and more sophisticated attacks. The chance of them being caught is very small, which keeps the risk low, while the potential profit only increases.
Victims, on the other hand, often see it as the easiest way out, especially when critical data is affected and no, or only outdated, backups are available. The vicious circle is thus maintained and strengthened.
So, we won’t be leaving ransomware behind us in 2020 either. However, despite the popularity and success of the attacks, protecting your data is basically not that difficult when you apply a number of basic principles.
- Make sure all your software and systems are patched with the latest security updates. Many ransomware strains use known vulnerabilities in popular software to break into a network.
- Do not use standard passwords and activate two-step authentication where possible. This will limit the attacker’s freedom of movement in case they have penetrated your network.
- Make regular backups of your data. If ransomware has made your data inaccessible, a recent backup will help you avoid having to pay. Make sure that the backup is kept offline so it’s not encrypted by the ransomware.