When the Gameover Zeus botnet and Cryptolocker ransomware campaign were dismantled earlier this year, many security professionals rejoiced at the thought that the threat of ransomware attacks was dramatically reduced, but the opposite appears to be true.
Shortly after Cryptolocker was taken down, a copycat attack known as Cryptowall emerged, creating an increase in attacks and causing concern within the industry, DFI News reported. Now, a recent survey conducted by IT professional network Spiceworks has found that ransomware is a growing concern with the cybersecurity community.
While the current threat landscape is giving IT professionals lots to worry about, ransomware appears to be the biggest problem at the moment. The study found that 88 percent of respondents had concerns about ransomware, and one-third of participants had already suffered an attack, IT Pro Portal reported. According to the report, 87 percent of cyberattacks utilizing ransomware originated through email, while 54 percent involved a social network in some way.
When asked about the most popular forms of protection against ransomware threats, respondents reported endpoint security and email filtering to be the most widely used, with 96 percent and 88 percent using them respectively.
More than 65 percent of survey participants predict that the number of ransomware attacks will increase over the next year, and 82 percent of respondents reported having a solution in place at their organization to prevent against ransomware. However, 44 percent of those surveyed said their current security measures are only somewhat effective against such an attack.
According to respondents, a commonly used technique to defend against the malicious encryption of a device is to completely wipe it and start fresh, which can be disastrous for companies that haven't employed frequent backups of sensitive enterprise information.
For businesses looking to avoid possibly losing privileged data or having to pay an exorbitant ransom to a cybercriminal, email encryption is a reliable way to protect against cyberthreats involving ransomware.
The majority of ransomware attacks that begin with malicious emails employ social engineering techniques that use personal information gained from online interactions to make messages seem more authentic and entice victims to click on them. By implementing encrypted email, malicious actors will not be able to read enterprise email communication and therefore are not capable of using the information within to trick employees into falling for ransomware attacks.