Halfway through the fiscal year, the top 2016 hacker trend has become clear: ransomware.
PhishMe, a threat management team, reports that ransomware attacks have increased 56% since 2015, and ransomware is attached to as much as 93% of all phishing emails.
Why the trend? Ransomware is more efficient, easier to use and safer for the hacker.
The cybercriminals of 2016 have begun to realize that attacking small businesses has an even better return than targeting individuals or big businesses.
There are several reasons for this. First, the average ransom runs a victim one to two bitcoins, which is between $400 to $800, maxing out around $1000 (depending on the exchange rate). This can be difficult for some individuals to afford but is generally a lot more affordable for businesses. Additionally, individuals may not be computer savvy enough to complete the ransom, but most companies have at least one person in their IT Department.
As for small vs. big businesses, someone might assume that larger companies have more cash flow smaller companies. While this is true, it is also true that, generally speaking, the bigger the firm, the more sophisticated the cyber security. So while a hacker could ask for a higher ransom from a bigger company, it would be more difficult to actually infiltrate the system.
Ransomware is becoming extremely easy-to-use, with already assembled kits available that are essentially “Encryption for Dummies.” This gives hackers more time to get creative with their activity. For example, some are “soft-targeting” their victims by researching and using using a person’s job title within the company to craft a more individualized email.
When files are successfully encrypted, victims have found that it is usually just cheaper to pay the ransom, then it is to fight to recover files.
Another reason for the growing popularity of Ransomware is that this type of malware is safer for the hackers. A person who steals victims’ information runs a higher risk of getting caught if he/she then turns around and finds a seller (who could be law enforcement in disguise) or commits the identity theft his/herself. Ransomware also shortens the amount of time it takes for the hacker to actually receive payment.
What to Do if You Become a Victim
As previously mentioned, it is generally less expensive to just pay the ransom than it is to prosecute the criminal, or to lose all your files. That being said, every time a person pays a hacker, it just perpetuates the trend.
So what should you do, then? Simple. Make sure you back up your files CONSTANTLY. If they are all duplicated, then you have no reason to pay to retrieve them.
If you would like assistance safeguarding yourself or your business against this rising trend, please give us a call at 919-355-5541.