By Eric Lieberman
“Ransomware” is now so widespread that it cost businesses a total of $1 billion in 2016, according to a new report.
Ransomware is a type of malicious software designed to take over a computer system and then block access for the authorized user. Hackers encrypt information critical to the operation of hospitals or even offshore shipping, for example, then demand cash for the password needed to decrypt it.
Ransomware’s prevalence increased more than 600 percent from 2015, according to the report titled “2016 Malware Year in Review,” released Thursday by PhishMe.
“Phishing,” a popular tactic that baits users over email into disclosing personal information, is the delivery method for about 90 percent of ransomware attacks. Phishing typically attempts to acquire sensitive data (like credit card numbers, usernames, passwords, social security numbers) by tricking unsuspecting users into clicking on malicious links.
While ransomware accounts for a large portion of phishing attacks, cybercriminals also remain committed to using more traditional tools for the theft of personal information, such as a Trojan, a malicious computer program employed for hacking.
Businesses aren’t the only institutions affected by ransomware and phishing. Organizations from hospitals to schools have fallen victim to the cyber-scheme in recent years.
A Los Angeles college decided to pay hackers $28,000 to remove infected software from its computer systems after cybercriminals took the school’s data hostage.
The University of Calgary felt compelled to pay 20,000 Canadian dollars (around $15,700) to hackers who infiltrated the college’s information technology systems roughly a year ago.
The cybercriminals committed the ransomware attack by encrypting the school’s data and keeping critical computer files from officials and staff.
There are several steps people can take to increase their own cybersecurity, including enabling two-factor authentication for their devices and accounts. But the best way to specifically combat phishing is to be cautious and skeptical when clicking on a hyperlink (a portal to another web address) in emails from unfamiliar addresses or on unfamiliar sites, a hard task for roughly half of the population.