- Ransomware is becoming the predominant cyber extortion threat
- Companies are the main target, due to greater financial gains
- In 2016 it is believed that we will see the highest ever levels of cyber attacks
In order to stop an organization becoming a victim of cyber extortion a combination of security technology, company policy and training are the most important factors to avoid attack by cybercriminals.
This is why Panda Security has launched its Practical Security Guide to Prevent Cyber Extortion, in which it highlights that European organizations suffer the highest number of sensitive data thefts.
Cyber Extortion: a limitless threat
In recent years, the massive growth in cyberattacks has led to companies having to devote more time and resources to combatting the problem, and finding a security solution that guarantees greater control of their files.
Cyber extortion occurs through a variety of threat vectors: 39% come from insecure or fraudulent websites, 23% from programs downloaded from the Internet, and 19% from infected emails.
One of the most prevalent forms of cyber extortion is Ransomware, which starts with the cybercriminals installing a Trojan program whose purpose is encrypting vital company information. The victim is then advised their information is lost and decryption will only be provided after payment of a ransom (normally by Bitcoin). Although payment doesn’t always guarantee that the company will be able to retrieve their files, or that they won’t become a victim again in the future.
Type of malware: How do they affect the companies?
There are innumerable types of malicious attacks designed to infiltrate networks, cause damage, spy and steal information. Some of the most common are:
- Ransomware – the most notorious families are Cryptolocker, Cryptowall, and CoinVault, which use an ‘unbreakable’ encryption to lock vital files
- Advanced Persistent Threat (APT) – a stealthy approach where the attackers look to extract information on a longer-term basis without arousing suspicion
- Exploit – takes advantage of a security flaw in unpatched systems and common programs
- Phishing – creates a false login website to steal bank details and identity
- Trojan – installs different applications that allow hackers to control the computer
Panda Security’s 5 tips for avoiding cyberextortion
- Advise your users: keep them up to date with good practice, current security risks and ‘con’-techniques
- Set out rules for Internet use at work: assign a series of rules that control the reputation of websites that access is granted to.
- Implement a security solution for your needs: make sure you have the right solution for your business according to your infrastructure and requirements.
- Establish protocols: control installation and running of software. Also check which applications have been installed on a regular basis.
- Always update: set out an update policy and block certain applications on your computers.
The complete Practical Security Guide to Prevent Cyber Extortion is available here – Download
This and more information on how Panda Adaptive Defense 360 can help protect IT networks against all forms of cyberattack is available here – Panda Adaptive Defense 360
About Panda Security
Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions. With head offices in Spain, the company has direct presence in over 80 countries, products translated into more than 23 languages and millions of customers around the world. The company’s mission is to simplify complexity, creating new and improved solutions to protect users’ digital lives.
Re-published from the Panda Press Release – Practical Business Security Guide for avoiding Cyber Extortion
