Ransomware attacks have surged significantly in the past several years, targeting an increasing number of organizations as cybercriminals seek an easy way to monetize their efforts.

According to a new survey conducted by IT security firm Foursys, 42 percent of security breaches in the UK last year were attributed to ransomware.

The survey polled more than 400 UK-based organizations, ranging from small SMEs to large corporations with more than 1,000 employees.

The results revealed that 15 percent of organizations responded to a security breach in 2015.

In 10 percent of the cases, respondents said the breach led to “significant disruption to systems,” while 11 percent said the incident caused loss of data.

“With so many victims paying out, it is no wonder that ransomware is becoming more and more attractive to cyber criminals,” said James Miller, managing director as Foursys.

“Once files are encrypted, you’d better hope your backups are secure and up-to-date, or pay the fine and keep your fingers crossed that the files will be decrypted,” he added.

A separate report by Cisco, says the overall explosion of ransomware activity can be tied to two main advantages for cybercriminals:

“It is a low-maintenance operation for threat actors, and it offers a quick path to monetization because the users pay adversaries directly in cryptocurrency,” read Cisco’s 2016 Annual Security Report. 

Foursys notes that the only real defense from ransomware attacks is prevention, and urges organizations to implement the following practices:

• Ensure all security patches are up-to-date
  
• Run the latest version of security software to prevent unauthorized access
  
• Execute penetration tests to discover unknown vulnerabilities; and
  
• Ensure all staff, including senior management, is kept abreast of the latest threats and their impact on business continuity.
  

Via: tripwire