An uptick in ransomware attacks is costing the average target $300, according to a new security report out from Cisco Systems Inc. More than 9,500 people pay ransoms to hackers each month.
“Defenders are not protecting systems in a way that matches how attackers do their work,” Cisco wrote in the Midyear Cybersecurity Report for 2016. “Although defenders have evolved their strategies and tools for fighting online criminals, attackers are still permitted far too much unconstrained time to operate.”
To deploy the ransomware, cyberattackers frequently create a fake website that contain what is called an Angler exploit kit. The kit scans a user’s Web browser for security holes and then delivers malware that locks up the user’s computer.
“Lack of visibility is the problem, leaving users open to attacks,” Cisco wrote. “Security professionals’ reliance on point solutions and a ‘triage’ approach — trying to stop attacks here and there, instead of looking holistically at security challenges — is playing to attackers’ strengths.”The company analyzed 115,000 Cisco devices currently being used by companies and discovered “that 106,000 of the 115,000 devices had known vulnerabilities in the software they were running.” The vulnerabilities left devices at the mercy of hackers who could gain access into corporate networks through outdated software.
Cisco security researchers also discovered a sharp increase in HTTPS traffic related to malicious activity between September 2015 and March 2016. The increase is due in large part to malicious ad injectors and adware. Researchers also observed that even though major software vendors make patches available, many users failed to quickly install the patches, giving hackers plenty of time to exploit vulnerabilities.
The report provided several solutions for businesses looking to prevent these types of attacks. Recommendations included creating and testing an incident response plan and not automatically trusting HTTPS connections and SSL certificates. Researchers also suggested educating employees about the threat of malicious browser infections.
Of course, once businesses get a handle on this round of attacks, hackers will be sure to upgrade their tactics.
“We expect the next wave of ransomware to be even more pervasive and resilient,” the company wrote in a blog post. “Organizations and end users should prepare now by backing up critical data and confirming that those backups will not be susceptible to compromise.”