UK organizations piling up Bitcoins for cyber-extortionists - a white flag?

One in three medium to large businesses from the UK are stocking up on Bitcoins to prepare for a ransomware attack, according to news reports.

Some 35% of companies would apparently pay up to £50,000 to regain access to important intellectual property or business-critical data in the event of a breach, a Citrix research reveals.

Today’s threat landscape is more advanced, more determined and better equipped than ever before to exploit the weaknesses of organizations – “many of which house a potential data goldmine,” said Chris Mayers, chief security architect at Citrix, at the InfoSecurity event in London.

Almost half of companies fail to back up their data daily, a key procedure for recovering data in case of a ransomware attack. One in 10 (13%) have even admitted to never serializing their backup data files, leaving them irretrievable in case of a ransomware offensive.

These numbers are quite alarming as ransomware is proliferating – over 120 families of ransomware can be found in the wild today, according to security experts.

Also, email-based ransomware attacks directed at US users have increased 5 percent in the first quarter of 2016, recent Bitdefender data shows, reinforcing the country’s position as cyber-criminals’ most sought-after target. Globally, 15.5 percent of email attachments delivered in Q1 contained some form of ransomware.

Key protective measures

As spammers get more aggressive, it’s important for users and companies to strengthen defenses.

Backup remains essential for companies and home users who care about their digital assets. However, since ransomware has been seen trying to encrypt backup software baked into the OS and entire hard drives, security experts recommend storing data on separate hardware, disconnected from the Internet.

Installing and updating security software that includes a performant antispam filter is also key to sanitizing Inboxes from spam and embedded threats.

Users are also advised to proactively use crypto-ransomware vaccines when available. Security vendors are quick to thwart cyber-criminal plans and often manage to create a software solution that prevents a device from getting encrypted or offers the decryption key to recover the affected files.