Ransomware—a type of malware that holds private information hostage until a payment is made—continues to be one of the most damaging cybersecurity threats. And the potential risk to businesses seems to be growing worse by the day.

In 1Q16, for instance, Kaspersky Lab detected a 14 percent increase in new ransomware modifications. And according to Kaspersky, Teslacrypt, CTB-Locker and CryptoWall were the most widely-used forms of ransomware during this time.  

What’s more, April and May saw record numbers of ransomware attacks.

As evidenced, the global ransomware-as-a-service market is thriving. It’s a market that grew from about $400,000 in 2012 to almost $18 million in 2015. Healthcare is currently the biggest target for ransomware attacks, although cybercriminals are aiming at every vertical.

Why is the market growing so quickly? First and foremost, ransomware is an extremely effective digital coercion tool. As we pointed out in a recent article, almost half of all American ransomware victims have paid a ransom to regain access to their data. CryptoWall alone accounted for more than $325 million in worldwide damages last year.

The fact of the matter is that when faced with the decision to pay a ransom or lose their data forever, most people choose to pay the fee—and in doing so, support a criminal or even terrorist organization. In other words, there is no way to understand exactly where the money will be put towards. Paying a ransomware fee means blindly contributing to an illegal cause. In light of this, ransomware is proving to be a very enticing business endeavor for cybercriminals—particularly those located overseas, as Flashpoint explained in a recent study:

• It’s high-paying: In Russia, the average “ransomware boss” makes an average annual salary of  $90,000. This is about 13 times the average current wage in Russia. It’s easy to see why ransomware is spreading so quickly; at least at the highest level, engaging in this type of activity pays much more than other jobs. 
• You don’t have to be a cyberwizard to deploy it: These crime bosses— meaning those who who have access to ransomware source code and deploy it on a massive scale—recruit new members and equip them with the means to start spreading ransomware. Getting started, in other words, doesn’t require an advanced degree or a great deal of money, which makes it very alluring—at least to opportunists with few scruples.

So don’t expect that ransomware will simply go away or that your business can fly under the radar. Eventually, ransomware will find you. Instead, take action; you’ll find it much more time- and cost-effective to prepare your organization for an attack now—before you arrive at work one day and find your computers locked. Although you can’t prevent a ransomware attack, you can take active measures to absorb the damage.

The best preventative measures to take are to spread cybersecurity awareness among your employees, back up your critical information so you can avoid making a payment, and make sure your network is up to date with the latest safeguards like firewalls and security patches.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

In addition, our new Cybersecurity Compliance Certification for law firms will help keep your legal practice from becoming the next Panama Papers victim. This baseline cybersecurity audit for the legal industry should be considered seriously by all law firms.