CNNMoney predicts that ransomware will be a $1 billion business in 2016. During the first three months of 2016 alone, cybercriminals have collected more than $200 million using ransomware. Ransomware attacks are targeted at businesses of every size and companies in every industry. In the past, ransomware was typically easy to detect since it was delivered in spam emails.
Traditionally, the two most common types of ransomware have been device lockers, which lock the screen of the computer, and crypto-ransomware, which finds files and encrypts them. Over the past few years, ransomware has advanced and cybercriminals are now utilizing spear phishing emails targeted at specific individuals. According the Symantec 2016 Internet Security Threat Report, the average ransom demand for 2016 is $679, an increase from $294 in 2015. The FBI does not support paying a ransom in response to an attack. Paying a ransom does not guarantee an organization will get its data back and encourages cybercriminals to target more organizations.
In addition to keeping your anti-virus and anti-malware solutions up-to-date and backing up your data, the FBI recommends that all organizations educate employees about ransomware and inform them of their important roles in protecting the organizations’ data. Various industries require security awareness compliance. Be sure you are aligned with regulations including the Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX) Act and the Health Insurance Portability and Accountability Act (HIPPA).
Tech Data offers security awareness trainings through Kaspersky and through our new vendor, KnowBe4. For employees, Kaspersky offers 17 different 15-minute trainings on various skills, simulated phishing attacks, knowledge assessments, and analytics and reporting. For managers, Kaspersky offers face-to-face trainings with security experts. A short business simulation game is also available for senior management.
KnowBe4 offers training campaigns, simulated attachments, custom phishing templates, detailed reporting and custom landing pages. KnowBe4 also offers a ransomware guarantee, which will pay the ransom if a customer is hit with ransomware due to the human error of a trained employee. In June 2016, KnowBe4 surveyed more than 1,000 companies in various industries and 38 percent of respondents had been hit by ransomware, up from 20 percent in 2014.
With ransomware becoming a greater threat than ever, now is the time for end users to complete effective security awareness training, like those being offered by Kaspersky and KnowBe4. For more information on security awareness trainings, please contact Tech Data’s Security and Information Management business unit at (800) 237-8931 ext. 73246.