Ransomware Damages Projected to Skyrocket
With 2017 coming to an end, the final ransomware damages are being released. This year alone, ransomware damages are projected to total $5 billion. This includes not only the ransom demands paid, but also the company downtime, remediation efforts, loss in productivity, investigation costs and reputation damages. One would almost think, it cannot get much worse. However, according to CSO, ransomware damages will exceed $11.5 billion by the end of 2019.
The ransomware epidemic will not be slowing down anytime soon. Therefore, users must be proactive. The US-CERT recently issued a warning regarding malware, and what users need to do to be prepared. Below are the top tips:
- Use application whitelisting. This is a default-deny approach, which will only allow trusted programs to execute. All unknown files will be blocked from running, until proven safe. PC Matic Pro, PC Matic MSP, and PC Matic for home users all use an application whitelist as its core malware detection method.
- Keep all software updated. This includes operating systems, third-party applications, and security software. Updates are released for these programs for various reasons, including to patch security vulnerabilities. If software is not being updated, users are leaving backdoor access available for hackers to exploit.
- Disable macros. Often times, malware requires enabling macros to execute. If macros are disabled, it could prevent the malware from infiltrating the system.
- Review and edit rights. Many employees are granted privileges not needed for their daily tasks. By having an excess of administrative rights, they are allowing passages for malware to spread, where otherwise unnecessary.
- Think before you click. Do not click on links or emails that are unfamiliar. Hackers exploit two user vulnerabilities here. First, our consistent need to be connected. Whether it is our PC, tablet, or phone, we always seem to have access to our emails. Second, we tend to click through emails quickly, due to the large quantity received daily. Therefore, cyber criminals hope users are not being cognoscente of who the email is from, or where the link is going. They will simply make it look legitimate and urgent, making users feel the need to resolve or explore whatever issue the email is claiming.