Nearly half (45%) of all businesses recognise the serious threat posed by crypto malware, also known as ransomware, which drew a sharp increase from 37% in 2014, according to new research from Kaspersky Lab and B2B International.
Despite this rising awareness, crypto malware attacks continue to severely impact companies, with the CryptoLocker ransomware, for example, believed to have infected more than 234,000 computers worldwide.
Many companies admit that they often just pay up. The gang behind CryptoLocker is believed to have made $30 million in the space of just 100 days, while the creators of CryptoWall may have pocketed as much as $325 million.
Businesses are a tempting target for ransom attacks. It does not matter if they are very small or of enterprise size, crypto malware will find a way in if there is no security to block it.
Like other forms of malware, it enters a network through emails, malicious attachments or links from a compromised website, which is then opened, downloaded or clicked on by unsuspecting employees. There are no signs to alert a user that they have been infected until they receive the ransom demand.
“Businesses often pay up without realising that there is no guarantee that their data will be unlocked when they do – and there is new evidence that poorly-coded ransomware can mean some information is never recovered,” said David Emm, principal security researcher at Kaspersky Lab.
“The best way to protect the company’s data and assets is to implement comprehensive cyber-security measures that cover everything from infrastructure and storage to mobile networks – all accompanied by employee awareness and education,” said Emm.
He added that it’s essential that data is backed up regularly, so that the company doesn’t find itself in the invidious position of having to choose between paying the ransom or losing data.