Ransomware – malware designed to hijack computers and force victims to pay ransoms to have their files decrypted – is expected to spike in 2016, affecting all industries equally. Since the first wave was discovered in 2005, new variants are being discovered all the time, and they're evolving in sophistication.
No longer soley a threat to individuals and small businesses, nearly 60% of businesses hit by ransomware had more than 100 employees, and 25% were enterprises with more than 1,000 employees according to new research from cloud IT services company Intermedia.
What’s more, the virus was observed propagating rapidly within corporate networks, with 86% of outbreaks affected two or more employees, and 47% spreading to more than 20 people.
'The world is becoming more cyber-aware, but ransomware’s depravity keeps it three steps ahead,' said Felix Yanko, President at Technology & Beyond. 'CryptoLocker, for instance, will take down multiple offices in one sweep, should it infect a shared server. A business that tries to restore from a ransomware attack off of traditional backup usually loses weeks of work due to lost files, plus a day or more of downtime while computers are wiped and reloaded. Companies must have measures in place to mitigate the devastation of ransomware.'
The draining of company bank accounts is usually the top risk cited to businesses, with the CryptoWall strain having stolen more than $18m in 2014-2015 according to the FBI. But this latest research, which asked nearly 300 expert IT consultants for their perspectives on the scope and costs of this trending malware, found that the experts’ opinions contradicted conventional wisdom regarding the threat associated with ransomware: business downtime was ranked as a far bigger cost than the ransom itself.
A ransomware outbreak creates two hard choices for businesses: either spend multiple days recovering locked files from backups, or pay ransom to an organised crime syndicate.
In either scenario, though, businesses are likely to face significant user downtime that overshadows the cost of the ransom. 72% of infected business users could not access their data for at least two days following a ransomware outbreak, and 32% lost access for five days or more.
As a result, experts observed significant data recovery costs, reduced customer satisfaction, missed deadlines, lost sales and, in many cases, traumatised employees.
This widely observed downtime implies that few companies possess a business continuity solution for a ransomware outbreak. Such a solution enables users to remain productive during a ransomware outbreak, offering the capabilities to instantly roll back an archive of files to their uninfected state and to immediately access those clean files from alternate devices.
'In the age of ransomware, what matters is how quickly employees are able to get back to work,' said Richard Walters, SVP of Security Products at Intermedia. 'Traditional backup and file sharing solutions are increasingly inadequate when it comes to addressing this growing concern, putting businesses at risk. Modern business continuity solutions that combine real-time backup, mass file restores and remote access combat threats by minimising the crippling effects of downtime.'