There was a time when simple malware developed by amateurs was placed in computer programs and could easily be extracted with a little work. However, today, in the age of organized crime, the focus is on money and the damage is much more devastating than it used to be.
What’s the big deal?
For consumers, the average ransom is typical $300, but for businesses where data is as valuable as gold, the ransom charges are higher. Even if you do pay the ransom that the cybercriminals demand, there is no guarantee you will get your data back to its original form.
“According to the Corporate IT Security Risks Survey 2016, the average amount of damage caused by one cryptomalware attack may cost small and medium businesses up to $99,000.”
Who are these people?
Well, they’re not exactly people but a few examples of recent cryptors are CryptoLocker which spreads through email attachment, Locky which is spread via spam, Cerber which actually talks to the victim, and CryptXXX which targets CMS sites.
According to Andrey Pozhogin, a cybersecurity expert at Kaspersky Lab, “A modern cryptor will often perform a number of additional actions that prevent the recovery of encrypted data–including deleting or encrypting Shadow Copies used for storing System Restore Points and regular Windows backups.”
How will it affect my business?
Imagine that all your company’s data — sales, finances, product information, design codes, customer accounts — were lost. How would you handle it?
A loss in data can affect business processes and lead to:
> a loss in sales
> frustrated customers
> increased costs to regain access
> tarnish company reputation
According to a 2016 Corporate IT Security Risks Special Report Series, “42% of small to midsize businesses say they consider cryptomal ware to be one of the most serious threats that their organization could face.”
What should I do?
> Back up your files frequently.
Doing so can save you the headache of having to fight with the cybercriminals to regain data.
> Arm against phishing attacks.
Teach employees to watch out for fake email messages and malicious links that often appear as real.
