Intermedia news
Ransomware attacks spike: Data points to employee actions as a key contributor
As explained in part 2 of Intermedia’s Data Vulnerability Report, organizations aren’t giving due focus to educating employees about how to handle a ransomware attack once one has occurred. As a result, this education gap is resulting in a booming business for hackers – one that market researcher Cybersecurity Ventures expects to surpass $5B this year.
The bottom line – hackers are betting on organizations/employees that aren’t aware of how to get their data back after a ransomware attack without paying the ransom.
Employees aren’t always instructed on what to do if they are a victim
If global attacks like WannaCry and Petya have done anything positive, we’ve seen them increase awareness around the massive impact ransomware can have. And while 70% of organizations are trying to educate employees about cyber threats, these efforts aren’t extending to what they should do in the event that they fall victim to a ransomware attack. As a result, impacted employees are taking actions that could dramatically undermine their organizations’ security efforts — and damage their bottom line – such as thinking that it’s a good idea to pay the ransom personally out of their own pockets.
(click image to enlarge)
Intermedia’s report found that both employees and employers don’t feel that there is an alternative route to paying the ransom:
(click image to enlarge)
You don’t need to pay the ransom, people!
As the number of victims continues to spike, organizations need to make ransomware education more of a priority. Much of the pain and agony ransomware inflicts can be prevented. Even once the initial damage is done, educated employees can still help to contain the infection by closing their computer to get it off the network. Simultaneously, organizations should have a continuous backup product in place to simplify the file restoration process, while eliminating the need to pay the ransom in the first place.
Learn more about how to integrate ransomware education into your broader data breach and cybersecurity training efforts in this latest part of our Data Vulnerability Report.