If there is one cyberthreat that should be keeping you up at night, it’s ransomware—a type of malware that can hijack your files and devices, and hold them ransom.
According to a recent report from Varonis and Ponemon Institute, 75 percent of organizations are very concerned about ransomware. Fifteen percent of organizations have experienced ransomware attacks.
Only about half were able to detect the attack within 24 hours.
This is especially frightening when considering the fact that ransomware often gets more destructive the longer it sits inside of an infected device. Certain types of ransomware, for instance, will encrypt files at regular intervals. According to Varonis, 35 percent of organizations have no searchable records of file system activities. This means such organizations are unable to even determine which files are encrypted by ransomware!
Perhaps the most alarming part of the report is the fact that insider negligence is more than twice as likely to cause a compromise of insider accounts.
This could be due to a lack of concern on the part of end users. In a separate study, researchers found that about half of all subjects clicked on links from strangers in emails and Facebook messages. And most people claimed to be aware of the risks.
The key takeaway here is that end users in your company are also clicking on random links online, without thinking of the consequences. And every time they do, they put your business at serious risk.
Part of the problem is that companies tend to silo their IT departments and strategies. For most users, IT is just the group that comes around to connect and disconnect computers, ensure uptime and troubleshoot issues.
It’s vital to instill the belief that everyone in the organization is part of IT. Since everyone is using connected devices in the network, it’s the job of every employee to browse the Web responsibly. This means being extra vigilant about cyberthreats.
An IT department, after all, can only do so much to prevent a cyberattack. This is largely due to the fact that malware is everywhere on the Web these days—not just on websites. It can be found in advertisements, email attachments and other common places.
In a recent blog post, for example, we explained a new type of ransomware that disguises itself as a Windows update. End users get duped into clicking on the notification, which then runs a program that extracts files and locks them.
So make cybersecurity awareness a priority in your organization. Send email notifications to your workers, and post messages around the office asking employees to watch what they click online. This will sound the alarm that you are serious about preventing an incident.
You could also run a comprehensive cybersecurity training course. Apex Technology Services can train your employees about the dangers of cybercrime.
For more information, click here.
A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.
In addition, our new Cybersecurity Compliance Certification for law firms will help keep your legal practice from becoming the next Panama Papers victim. This baseline cybersecurity audit for the legal industry should be considered seriously by all law firms.