Businesses may be counting on their employees to avoid clicking on ransomware-laden emails, but surging infection rates show that most employees still aren’t getting the message – and a new consumer survey may explain why.
Timed to coincide with today’s World Backup Day events, a consumer survey from backup vendor Acronis found that nearly two-thirds of respondents had never heard of ransomware and that – even though a third had experienced data loss in the past – fully a quarter of them never back up any of their data.
Those figures, which are in line with statistics offered by World Backup Day organisers, may bode poorly for the preservation of personal memories and files that consumers claim to hold dear. This apathy has even bigger implications for businesses that are trying – usually unsuccessfully – to educate users to be sceptical enough about incoming emails that they can stop locking up their systems and interrupting the flow of business.
CSOs, in particular, have found the process frustrating, with attendees at recent CSO Perspectives events relaying near-universal experiences of cleaning up after an errant ransomware infection. Many said users were clicking past Web pages designed to educate them about ransomware, and one attendee said ransomware had become so common in his company that his IT team had perfected the process of quickly wiping devices and restoring them from backups.
Such backups had made all the difference, security consultant and former FBI agent Jeff Lanza told the CSO Perspectives audience, between a California hospital that declared an internal emergency and ended up paying $US17,000 ($A22,150) after an outbreak, and a Kentucky institution that avoided paying a ransom because it was able to restore its Locky-infected data from backups.
“Having a good defence is not good enough, and having a better defence is not good enough,” Lanza said during a keynote presentation in which he emphasised the value of a good backup in stopping ransomware from being catastrophic.
“You have to have the best defence,” he continued, “and that is backup. Because recovering from ransomware is usually a lot more than paying the ransom – and a lot more than preventing it to begin with.”
Successful ransomware infections may have flow-on benefits in their ability to get the attention of CEOs – but with small businesses reeling after often costly attacks and business data continuing to suffer from increasingly targeted attacks, effective backup regimes are emerging as crucial defensive elements for corporations that are being urged not to pay ransomware demands if they can help it.
Yet employees are consumers outside of work, and if 62.2 percent of them have still never heard of ransomware – as suggested by the Acronis figures – CSOs face an uphill battle educating them well enough to prevent ransomware attacks from continuing to serve as background noise for corporate security strategies.
Only 5.8 percent of respondents, after all, understood that it can cost more than $US500 ($A650) to recover their data after an attack – and if the company is paying, few feel the financial pressure to actively avoid ransomware.
“This survey exposed a serious disparity between the value assigned to respondent data and what is actually being done to protect that data,” said Acronis chief marketing officer John Zanni in a statement. “This is true for both the consumer market and for businesses.”
“Backup still remains the most effective vaccine against data loss,” he continued, adding that there is “no excuse” for inadequate backup regimes given the preponderance of effective solutions on the market. “Creating a backup before disaster strikes is much more efficient and cost effective than looking for a cure when your data is lost.”
Some vendors are exploring different ways of securing files so they can be rolled back in the event of a ransomware attack: Acronis, for one, recently launched a storage system that incorporates blockchain technology for non-repudiable file change tracking, while startups like Storj and Sia are promoting blockchain-based cloud storage services that take a new direction in the prevention of ransomware.