According to Verizon’s 2016 Data Breach Investigations Report, ransomware is one of the fastest growing exploits, accounting for nearly two-fifths of crimeware seen, up from just under 5 percent in the previous year’s report. At the same time, employees appear to be taking less responsibility for security. According to the Ponemon Institute, just 39 percent of end users are taking all the steps that they should to protect sensitive information — a sharp decline from the 56 percent recorded in 2014. In spite of this trend, how to avoid ransomware should be top of mind for all businesses.

How to Know if You’re Infected

According to a recent report published by CSO Magazine, if you think you might be a victim of ransomware, you should look for the following signs:

  • Upon starting up a device, access is denied and a screen appears that provides instructions on how to pay the ransom to restore access.
  • Individual files won’t open automatically, and instead feature a message asking you to specify the application required.
  • Files have odd extensions, or none at all.
  • You’ve received payment instructions for the ransom, typically stored in a .txt or .html file.

How to Avoid Ransomware

One of the best ways to avoid ransomware is to ensure that employees are aware of the risks of security attacks and the best ways to avoid them. Methods to raise security awareness among employees include investing in adequate training, providing them with secure devices and making sure they’re informed about what ransomware is and their role in its prevention. Preventing ransomware attacks also includes making sure you have updated technology and adequate security measures in place. Access controls should be granular, with privileged accounts tightly managed and providing only the privileges that are actually required. All software, including operating systems and security controls, should be regularly patched and kept up to date.

According to a recent report by PhishMe, 93 percent of all phishing emails seen at the end of March 2016 contained encrypted ransomware, up from 56 percent in December 2015. In total, the number of phishing emails seen in the first quarter of 2016 reached 6.3 million, an increase of 789 percent from the last quarter of 2015. To prevent security attacks such as ransomware, not only should organizations educate users about the dangers of emails with malicious attachments and links, but it’s also recommended that they disable macros in documents sent via email. Some ransomware strains actively look for further files to infect, so all file share locations should be secured so they can’t be accessed.

Steps to Take if You’re Infected

If you do find yourself the victim of a ransomware attack, the first step is to disconnect your machine from the internet to keep the infection from spreading. According to Intermedia, ransomware is increasingly being observed propagating throughout organizations, with 86 percent of outbreaks recently seen affecting two or more employees and 47 percent spreading to more than 20 employees.

The best option to ensure that you can recover from ransomware is to restore files from backups. This requires that you make and verify backups regularly to ensure your data is recoverable. It’s essential that all backups are secured and held in a location that’s isolated from computers, other devices and networks.

With cybersecurity a growing problem for enterprises, every organization and employee needs to be aware of how to avoid ransomware and what measures they should take if infected. Although paying the ransom may temporarily solve the problem, it opens the door for criminals to target you again. Taking the right preventative steps against such infections is the only way to effectively ensure that your organization is free from the threat of ransomware.

When it comes to security awareness, employees just might be your weakest link. Here’s what you can do to ensure everyone in your organization does their part to keep information secure.

Posts By

Fran Howarth

Fran Howarth is an industry analyst specializing in security. She has worked within the security technology sector for over 25 years as an analyst, consultant and writer. Fran focuses on the business needs for security technologies, with a focus on emerging technology sectors. Current areas of focus include mobile security, cloud security, information governance and data security, identity and access management, network and endpoint security, security intelligence and analytics, and security governance and regulations. Follow Fran on Twitter: @FranNL

View more posts by Fran Howarth