Why Ransomware is Still an Endpoint Security Risk in 2022


This article is brought to you by Retail Technology Review: Why Ransomware is Still an Endpoint Security Risk in 2022.

By Richard Grant, freelance writer.

Ransomware has been around for decades at this point, and yet, like lots of malicious software, it is still being augmented and enhanced by the nefarious groups behind it to try to claim new victims while circumventing fresh security measures.

Those who are hit by ransomware attacks, be they businesses or individuals, can end up paying through the nose to unlock their data, and it is still a major threat to endpoint security in 2022.

So why is ransomware still relevant, what are the trends shaping its use at the moment, and what are the prospects for fighting back against it going forward?

Reliable income is afforded by ransomware

The main motivator behind the continued use of ransomware-style attacks by cybercriminal gangs is that they are frequently successful and can thus consistently be relied upon to earn cash for those that perpetrate them.

What is more, because these crooks are not beholden to any kind of ethical code, they can wring further funds from victims they successfully target just by upping the asking price for decrypting the locked data even after payment is made.

Thankfully there are solutions made to provide additional defense against this type of attack, many of which are ranked as part of the Gartner Magic Quadrant endpoint protection report. As such it is up to businesses to invest in the necessary tools to turn the tide against attackers, while also using training to ensure employees are savvy to the strategies cybercriminals use.

Recovery is difficult

Another advantage of ransomware from the perspective of its proponents is that, even though certain solutions are built to decrypt data so that victims do not need to pay out, there is only a very slim likelihood of this actually succeeding.

This leaves organizations and individuals whose systems get infected with malware in a precarious position; either they fork out the sum being demanded of them and encourage further criminal activities, or they hope that they can either recover the data independently or deal with the aftermath of its total deletion without disrupting operations too badly.

In reality, minor IT outages can cost companies hundreds of thousands or even millions of dollars. This is why continuity and recovery planning is so important. And the uncertainty thrown up by ransomware means that it is very tricky to decide how to cope with an attack.

Human error is involved

Perhaps the most significant issue which makes ransomware an attractive prospect for cybercriminals to peddle is that attacks will succeed if flesh and blood humans can be tricked.

That means there’s no need to worry about circumventing high-end security software; all you need to do is put together a phishing email or convincing phony website, and get the unsuspecting user to click a download link.

Social engineering remains a top strategy across all sorts of criminal activities, from ransomware to fraud and identity theft. Once again, this means that businesses need to prioritize the proper training of employees to reduce endpoint security risks, and also implement and uphold best practices for using systems and devices to steer clear of these threats.

Wrapping up

From the amount of money that can be made through ransomware to the vulnerability of the human element it involves, it seems likely that this cybercrime trend will remain in place even as other fads rise and fall.

Software tools and training can shield firms of all sizes from ransomware, as well as from other endpoint security risks. It is merely a matter of investing the time, energy and resources required.
