CPA Now

Ransomware Prevention: What You Can Do about It

By Thomas G. Stephens Jr., CPA, CITP, CGMA


One of the most, if not the most, significant issues of 2019 in information security was the proliferation of ransomware. Unfortunately, this trend is likely to continue in 2020. Therefore, let us examine some ransomware statistics so we can prepare to defend our data.

What Is Ransomware?

Ransomware is a form of malware that takes your data hostage and holds it for ransom. Typically, ransomware encrypts your data so that you cannot access it. Once the encryption is complete, the cybercriminal notifies you and demands payment. Sometimes they provide the key needed to regain access to your data; other times they simply extort the ransom and never supply the key, leaving you locked out of your data.

In the event your systems become infected, there are a few options for recovering your data without paying the ransom. If you have proper backup controls in place, you can restore your data from those backups. Unfortunately, when poor backup procedures are in place, ransomware can encrypt the backups too. Similarly, poor backup procedures could mean no recent and reliable backups would be available. The best measure, of course, is to make every reasonable effort to prevent ransomware from infecting your systems in the first place.

10 Chilling Statistics about Ransomware

Ransomware places near the top of the list of cybercrimes. To gain an appreciation of how widespread ransomware is today, consider the following statistics:

  • The cost of a ransomware attack continues to escalate. Datto Inc., a provider of cloud-based software and technology solutions, reports that ransomware costs businesses more than $75 billion annually. Sophos Ltd., a security software provider, reports that the average cost of a ransomware attack on a single business is $133,000.
  • The rate of ransomware attacks continues to escalate. Cofense (formerly PhishMe) reports that ransomware attacks have increased 97% over the past two years.
  • Cybersecurity Ventures estimated that new businesses fell victim to ransomware every 14 seconds during 2019.
  • Phishing remains a popular way of launching a ransomware attack. Webroot indicates that cybercriminals create 1.5 million new phishing sites every month. Further, Cofense reports that during 2019 ransomware delivered through phishing emails increased 109% over 2017.
  • The health care industry is a favorite target of ransomware attacks. As reported by insurer Beazley, almost half of all ransomware incidents reported in 2018 involved health care companies. Healthcare IT News reported that 18% of health care devices have been the target of malware. Additionally, a report by CSO Online estimates that the number of attacks on health-care-related companies will quadruple by 2020.
  • Governmental organizations are becoming popular targets of ransomware attacks. During the summer of 2019, at least 23 municipalities in Florida and Texas fell victim to ransomware. Previously, major cities such as Atlanta and Baltimore became victims. In the case of the Atlanta attack, remediation costs were reported by the Atlanta Journal-Constitution to be as high as $17 million.
  • Ransomware attacks are not limited to Windows-based PCs. Technology security company Fortinet Inc. expects mobile malware, banking malware, and ransomware to be top security threats.
  • As reported by Carbonite, ransomware often enters small businesses through unsecured remote desktop protocol (RDP) ports on Windows-based PCs. A recent report by Shodan indicates at least 3.3 million computers worldwide are exposed through open RDP ports, and one-third of those devices are in the United States.
  • Another popular mode of attack is to plant links to the malware in email messages. One study published by Newsweek indicates that about 50% of people will click on links from unknown persons.
  • As reported by SafeAtLast, more than 77% of businesses affected by ransomware were using up-to-date protection. This indicates that traditional forms of anti-malware protection are not effective against the scourge of ransomware.

How to Protect Against Ransomware

As is the case with most cybersecurity issues, no single method is adequate to reduce the proliferation of ransomware. Instead, you should use a multilayered approach to reduce your risk.

Here are some commonsense steps that you should take to reduce the chance that you will fall victim to an attack:

  • Plan for the worst by assuming you will become a victim. Against that backdrop, address your backup procedures to determine if they are adequate in today’s environment and will allow you to restore your data in case of an attack. Ensure that your backups are stored offline.
  • Train your team members not to click on links and attachments in emails from unknown parties. Reinforce this training on at least a quarterly basis.
  • Ensure that all computers remain updated and patched to reduce the threats of vulnerabilities in the operating system or installed applications.
  • Consider implementing a “whitelisting” approach to security. With whitelisting tools such as AppLocker (in Windows), you can control which applications can run on a computer. Thus, even if ransomware infects a device, unless the whitelisting software in use has authorized the ransomware to run, your data should remain safe.
  • Stay up on developing trends in ransomware. This threat will continue to evolve, and yesterday’s solutions will not be adequate to protect against tomorrow’s threats. Therefore, don’t view securing your data as a one-time project; consider securing your data a never-ending process.
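The whitelisting step above can be tried out with AppLocker's built-in PowerShell cmdlets. The script below is an added example, not code from the article or from K2 Enterprises: it inventories the executables already installed in trusted locations, generates allow rules from them, applies the policy in audit mode so that gaps show up as log events rather than broken applications, and dry-runs a sample file against the policy. It assumes an elevated session on a Windows Enterprise/Education or Server edition (AppLocker enforcement needs one of those); the output path and test file name are placeholders.

```powershell
# Added example (not from the article): build an AppLocker allow-list from what is
# already installed, apply it in audit mode first, then check a test file against it.
# Assumptions: elevated session on Windows Enterprise/Education or Server; the
# policy path and test file below are placeholders, not values from the article.
$PolicyPath = 'C:\AppLocker\baseline-policy.xml'
New-Item -ItemType Directory -Path (Split-Path $PolicyPath) -Force | Out-Null

# 1. Inventory executables in the trusted program locations. Publisher rules cover
#    signed software and survive updates; hash rules catch unsigned binaries.
$trusted = 'C:\Windows', 'C:\Program Files', 'C:\Program Files (x86)'
$files = $trusted | ForEach-Object {
    Get-AppLockerFileInformation -Directory $_ -Recurse -FileType Exe
}

# 2. Generate rules for Everyone, collapsing duplicates (-Optimize). A binary that
#    lands somewhere else, such as a user's %TEMP%, matches none of these rules.
$xml = New-AppLockerPolicy -FileInformation $files -RuleType Publisher, Hash `
    -User Everyone -Optimize -IgnoreMissingFileInformation -Xml

# 3. Start in AuditOnly: decisions are logged but nothing is blocked yet, so a
#    missing line-of-business app surfaces as an event instead of a help-desk call.
$xml -replace 'EnforcementMode="NotConfigured"', 'EnforcementMode="AuditOnly"' |
    Set-Content -Path $PolicyPath -Encoding UTF8

# 4. Apply the policy locally. AppLocker depends on the Application Identity
#    service, so make sure it runs now and at every boot.
Set-AppLockerPolicy -XmlPolicy $PolicyPath
sc.exe config appidsvc start= auto | Out-Null
Start-Service -Name AppIDSvc

# 5. Dry-run a file against the policy without executing it. A file in a
#    user-writable folder that matches no rule reports 'DeniedByDefault'.
$testFile = Join-Path $env:TEMP 'sample-unknown.exe'   # placeholder test file
if (Test-Path $testFile) {
    Test-AppLockerPolicy -XmlPolicy $PolicyPath -Path $testFile -User Everyone |
        Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize
}

# 6. Review audit hits before switching to Enabled: event 8003 means the file
#    would have been blocked had the policy been enforced.
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-AppLocker/EXE and DLL'; Id = 8003
} -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message
```

Once the 8003 events have been reviewed and legitimate applications added to the rules, the same file can be reapplied with EnforcementMode="Enabled" to actually block unlisted executables.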

Summary

Ransomware is not new; in fact, ransomware dates back to 1989. However, ransomware attacks have exploded over the past five years, and the proliferation shows no meaningful signs of slowing down. For victims, ransomware exacts an extraordinary toll, costing potentially millions of dollars and creating crippling customer/client service issues. Therefore, immediately assess the risk of becoming a victim and act appropriately to reduce that risk to an acceptable level. The very existence of your business could depend upon it.


Thomas G. Stephens Jr., CPA, CITP, CGMA, is a shareholder with K2 Enterprises. At K2, Stephens focuses on creating and delivering content, and is responsible for many of the firm's management and marketing functions. You may reach him at tommy@k2e.com or learn more about K2 Enterprises at www.k2e.com.

