News Feature | July 16, 2014

Security Concerns Grow Over Ransomware

By Cheryl Knight, contributing writer

Ransomware  Concerns Grow

A survey by IT security company KnowBe4 shows concern over ransomware is growing. The study reveals 73 percent of IT professionals surveyed are “very or extremely concerned about it,” an increase from 48 percent responding in the same way in a study by IT security company Webroot in January of this year.

“We thought it would be interesting to use the same questions to see what impact ransomware has had in six months’ time. We found the threat of ransomware is very real, and IT professionals are increasingly realizing traditional solutions like endpoint security are failing,” said Stu Sjouwerman, CEO of KnowBe4. “IT pros agree that end-user security awareness training is one of the most effective security practices to combat these ransomware threats.”

The study also shows about half of the IT professionals surveyed know someone who has experienced a ransomware attack — and it worries them more now than before,  with 88 percent expecting ransomware to increase for the remainder of the year compared to 66 percent at the start of this year. Another key finding is that only 16 percent feel their current solutions are very effective.

Most IT managers responding say they rely on backup to restore files encrypted or lost during a cyberattack, but 57 percent say if backup fails, they would be forced to pay the ransom. Most respondents, 88 percent, say security awareness training is an effective protection from ransomware, over backup. 

According to report by EMA, 56 percent of employees still receive no security awareness training, and the programs that do exist are not all the same. KnowBe4 recommends frequent training to keep employees aware and feels so confident about the effectiveness of their program that they will cover its customer’s crypto-ransom if they get hit.

In a recent blog, Intronis listed steps IT solution providers can take to help protect their customers from cyberattack:  

  • Inform Your SMB Clients. By keeping clients informed, you can help prepare them for when spammers do eventually attempt to convince them to click on suspicious links. By knowing some of the tricks spammers use, your clients can keep an eye out for suspicious links.
  • Protect Their Data. Backup your client's data often. That way if and when they do suffer from a malware infection it will be much easier to restore their data.
  • Manage Their Security. One of the biggest mistakes many customers make is by downloading so-called malware removal kits. As an IT solution provider, you should make sure that your clients do not install any security software that you haven’t approved.
  • Follow Best Practices. Educate your customers in the best practices to follow when dealing with email. This includes not opening email or downloading any attachments from someone they do not know.