As indicated by figures in the recently released 2019 CrowdStrike Global; Security Attitude Security, the total number of organizations around the globe that pay the ransom subsequent to succumbing to a supply-chain attack has dramatically increased from 14% of victims to 39% of those influenced.
While cybersecurity suppliers and law enforcements suggest that victims don't fund crime by surrendering to the blackmail requests/ extortion demands, at times organizations see it as the fastest and easiest method for re-establishing their networks.
In the UK explicitly, the number of organizations that have encountered a ransomware attack and followed through on the demanded price for the decryption key stands at 28% – twofold the 14% figure of the previous year.
Be that as it may, on the grounds that the victims are as yet paying the ransom – which normally amounts up to six-figure sum – cybercriminals will keep on directing ransomware campaigns and likely broaden them further, particularly as the possibility of them getting captured is low.
In any case, notwithstanding the accomplishment of ransomware attacks – particularly those that have undermined the whole infrastructure of entire organizations – there are some generally straightforward and simple methods for averting the attacks doing any harm.
In the event that organizations guarantee that every one of the frameworks and programming on the network is fixed with the most recent security updates, it goes 'a long way' to preventing ransomware attacks from being effective the same number of campaigns depend on the abuse of the known vulnerabilities.
Organizations ought to likewise guarantee that default passwords aren't utilized on the system and, where conceivable, two-factor verification ought to be applied as this will counteract any hacker who figures out how to break the system from moving around and causing more damage.
However, in case of a ransomware attack being effective, organizations can guarantee they don't have to make the payment by normally creating a backup of their system and guaranteeing that the backup is stored offline.