Majority of Employees Personally Pay Ransom Demands
In a survey completed by Intermedia, it was found that a vast majority of employees paid up after being hit with ransomware. Ransomware is a malicious software that infiltrates devices, servers, and networks which encrypts data. After encryption a ransom note will be displayed, stating in order to retrieve the locked files, users must pay a sum of money. The survey reports after being infected, 59% of employees paid the ransom demands through their personal account. Another 37% reported their employers paid the demands to unlock the data. The remaining 4% reported no ransom was paid.
What employees and employers may not be aware of, is the risk of paying the demand. Upon sending the payment to the hackers, there is no guarantee the files will be unlocked. By paying the ransom, the employee and/or company also puts a target on their backs for additional ransomware infections, because the cyber criminals know they will likely pay again.
Instead of paying the ransom demands it is encouraged users retrieve their files via backups. Although, backups are not always a golden ticket for remediation. Often times, backup files are outdated or corrupted. If backup systems are up-to-date, companies often will not use them to remediate their systems due to the amount of time and man-power it will take to restore the systems.
An alternative approach is to focus on prevention, instead of remediation. By using an application whitelist approach, ransomware attacks can be significantly minimized, if not completely avoided. A default-deny approach, such as application whitelisting, only allows known trusted programs to execute.
To access the full survey, click here.