Ransomware is a relatively new threat, and many business owners still aren’t sure what to make of it. In fact, two thirds of U.S. office workers still don’t know what ransomware is.

This is a big problem. So if you fall into this category, let’s get you up to speed.  

Ransomware is one of the fastest and most devastating forms of malware circulating on the Internet. It can hijack computer files, and hold them until a fee is paid. Oftentimes, the files are destroyed whether or not a payment is received. By the end of the year, ransomware damages will top $6 billion.

Last year, businesses had about a 47 percent chance of getting hit with ransomware, which is about the same as landing on black in roulette. We expect this figure has increased significantly in 2017. Ransomware software sales, for instance, have grown by 2,502 percent YoY across 21 leading dark web marketplaces.  And now, there are more than 6,300 marketplaces currently offering ransomware.

New York City, it should be noted, is the top target for ransomware.

So understand that the ransomware threat is much closer to your business than you may think. Your business may be operating safely and soundly right now, but you are always just one email, one wrong click or one careless mistake away from getting an infection that could destroy your organization. Ransomware is out there in the wild, and could be used against your business at any time and with no warning.  

Many companies, however, still do not have ransomware response strategies in place, and cybercriminals are raking in profits as a result. The average amount paid in ransom among office workers is now up to $1,400. What’s more, 59 percent of workers who have suffered ransomware attacks paid the ransom. And 37 percent claim that their employers paid the ransom. These figures should be much closer to 0 because there are actually relatively few cases where it is advisable to make a ransomware payment. A ransomware attack is a complex issue that needs to be handled by trained, certified professionals. No employee should ever attempt to bury a ransomware attack by forking over money to a hacker — yet it’s happening over and over again in organizations across the world.

You can’t prevent ransomware attacks from happening, but you can plan ahead to minimize the damage. Form a plan now so that instead of panicking when you get hit, your team can spring to action and stop the bleeding.

To learn more about how Apex Technology Services can help, click here.

Here are some of the areas all organizations looking to promote a cybersecurity culture need to focus on.

1.    Cybersecurity training must be done regularly.

2.    Auditing and documentation must be performed regularly to ensure systems are secure.

3.    Anomaly detection should be running constantly to detect threats as they emerge.

4.    Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two company’s’ reputations from being destroyed.

5.    Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.

6.    An action plan to follow when a breach does occur. Once it happens, few will have the clear heads needed to “wing it” correctly. Equifax botched it’s response in what is being called a PR catastrophe.

To ensure your organization is safe – even if you have internal IT, hire an experienced MSP or MSSP like Apex Technology Services.