Statistics About Ransomware 2021

37% of Orgs Said They Were the Victim of Ransomware In 2021

While ransomware has become increasingly common, less than 10% of the companies victimized claimed to lose money. That’s a good thing, as it indicates that while ransomware attacks may be on the rise, it also illustrates that businesses have headed the warnings and are taking the necessary precautions to protect themselves.

So, what types of things are companies doing to protect their files and sensitive data from becoming encrypted and having to pay a ransom to the hacker to receive the decryption key? Here’s a look at some of the simple yet highly effective strategies that business owners have put into place – and that you can try using, too!

Develop and Implement Training and Awareness Program

Developing and implementing programs that are designed to bring awareness to and train end-users is an absolute must. Since end-users are the most common targets of ransomware attacks, making sure that employees are aware of the threats of these malicious attacks, how these attacks are delivered, and how to identify them is an absolute must. After all, you can’t very well protect your business if your employees aren’t aware of the dangers.

Enable Powerful Spam Filters

In order to block out phishing emails (attempts that are made by malicious entities to obtain sensitive information via email) from making their way to employees and authenticate emails that are coming into inboxes, implement technologies like Domain Message Authentication Reporting and Conformance (DMARC), Sender Policy Framework (SPF), and DomainKeys Identified Mail (DKIM). These technologies are great, as they effectively prevent email spoofing.

Be Diligent with Emails

Make sure that you – and that all of your employees – take care to scan all messages that come into inboxes. It’s also essential to check outgoing emails to see if you spot any threats that may have been attached entirely unbeknownst to you. Filter executable files that are utilized to perform various functions on computers so that they won’t be able to reach employees.

Create Firewalls (and put them in place)

Take the time to configure firewalls that will block any access to IP addresses known to have malicious intent. This simple tip can be a real lifesaver.

Scan for Viruses and Malware Regularly

Be sure to set up anti-virus and anti-malware programs. Set these programs up so that they execute scans on devices in programs (email, etc.) regularly – and that they check your programs regularly.

Manage Privileged Account Use

It’s also a good idea to manage a privileged account based on the least privilege. For example, you should not assign any administrative access to any employee unless doing so is essential. If necessary, employees who are given administrator accounts must be instructed to use them only when it is vital.

Configure Access Controls

This includes directory, file, and network share permissions, and the configuration should (again) be done with the least privileged in mind. For example, if it’s only necessary for an employee to access and read specific files, they should not be granted write access to the files, shares, or directories.