The popularity of ransomware
The popularity of ransomware has grown significantly in the last two years. In 2016, security firm Trend Micro identified 247 new ransomware families, whereas there were just 29 in 2015.
As of March of this year the count has expanded to 319 different types of ransomware. Executives should assume that malware, and ransomware in particular, is sufficiently prolific that it is no longer a question of "if" you are going to get hit, but "when."
What is Ransomware?
Ransomware is malware that encrypts its victim's files with unbreakable encryption and then demands a payment, usually in bitcoins, before agreeing to unlock the system and unscramble the data.
The hacker typically uses the strongest encryption currently available, which essentially makes it unbreakable by the vast majority of users. Large numbers of files are infected as the worm spreads across the organization's network and directories.
Most of the attacks are made via spam email campaigns, exploit kits, infected streaming video subtitles, or the injection of malicious or malware-laden advertisements.
Unfortunately, most users and organizations are susceptible to these malware attacks because most users run a common set of business applications, email platforms and database software on similar infrastructure and operating systems and users are tempted to open the file.
The hacker designs his malware to go after known flaws in the most common platforms first so that he can achieve the highest level of disruption.
In part two we'll cover Preventative Measures: There are five steps that organizations can take to minimize the risks of malware attacks.
About the author
Mr. Braunstein serves as Chairman/CEO and Executive Director of Research at the Robert Frances Group (RFG). In addition to his corporate role, he helps his clients wrestle with a range of business, management, regulatory, and technology issues.
He has deep and broad experience in business strategy management, business process management, enterprise systems architecture, financing, mission-critical systems, project and portfolio management, procurement, risk management, sustainability, and vendor management. Cal also chaired a Business Operational Risk Council whose membership consisted of a number of top global financial institutions.