Bank of America Coronavirus Resource Center See details

Avoiding a Ransomware Lockout

Cyber criminals routinely attempt to hold businesses hostage with malware that encrypts data and can freeze an organization’s network. Here’s how you can make it harder for them to succeed.

Avoiding a Ransomware Lockout image

Ransomware is a type of malware that encrypts data on computers, mobile devices and networks and locks users out. It allows cyber criminals to demand payment for the release of data or return of service. It can be delivered in a variety of ways, including fraudulent emails and websites, unpatched remote network portals and pop-up warnings with phony links to technical support.

Cyber crime that leverages ransomware is becoming more sophisticated and ransomware demands are increasing. The average demand in the last quarter of 2019 was $84,116, more than double the average of the preceding quarter.1 But it’s not just money at stake. Criminals may also threaten to release proprietary data or intellectual property they have seized to damage the fortunes or reputation of a business.

Ransomware is often a crime of opportunity. It works because the perpetrators understand that a targeted business or individual has been compromised at a time when they can ill-afford to interrupt service or operations. Targeting hospitals during a pandemic, businesses that can be ruined by a few hours of downtime or cities responding to a crisis are just a few examples of this opportunism.

There is no infallible defense against ransomware. Criminals continue to refine software and access methods and may even sell particularly effective strains to less-adept hackers. But individuals and businesses can protect themselves through cyber education and, most importantly, preparedness. Organizations that develop backup and remediation plans can give themselves options that can greatly reduce the severity and length of a ransomware incident.

Ransomware Facts

$4.4 Million
Average total cost of a ransomware breach.2

Percentage of successful malware incidents that delivered ransomware.3

2 Rank of ransomware among enterprises' most serious mobile security concerns.4

Percentage of businesses affected by ransomware that paid the ransom demand.5

Percentage of ransomware incidents that occurred after normal business hours.6

11
Projected number of seconds between each ransomware attempt by 2021.7

 

Ransomware Facts

Average total cost of a ransomware breach.2

Percentage of successful malware incidents that delivered ransomware.3

Rank of ransomware among enterprises' most serious mobile security concerns.4

Percentage of businesses affected by ransomware that paid the ransom demand.5

Percentage of ransomware incidents that occurred after normal business hours.6

11Projected number of seconds between each ransomware attempt by 2021.7

How ransomware attempts can succeed

Like other forms of malware, ransomware often is packaged into communications that contain malware or hyperlinks to infected sources. The criminals rely on unsuspecting device users responding to prompts or following links that allow the malware to load.

As businesses and supply chains become more interconnected, ransomware is also launched through vectors such as weaknesses in third-party networks or unsecured back-ends of legitimate websites that help mobile and off-site workers access company servers.

In some cases, cyber criminals may first access a company’s network undetected. They will take time to learn how the organization operates and where its network is weakest. It may be months before they decide to launch the ransomware, but the reconnaissance can make the attempt much more effective.

Prevention begins with preparedness

Thwarting ransomware attempts begins with understanding what services and data are most valuable to an organization. If a company depends on uninterrupted service for its customers, it should explore how it could maintain service should criminals seize control of the network.

Whether a company needs to protect its finances, data, reputation or services, there are several steps to take that greatly reduce the risk and potential damage of a ransomware incident:

  • Regularly back up critical systems. Critical data should be backed up daily in locations outside the primary company network. Encryption technology can provide another layer of defense for the most critical or sensitive data.
  • Maintain lines of defense. Ransomware prevention and anti-virus software should be installed, and network scans should be conducted regularly. Email filters can block known sources of ransomware and spam.
  • Build a formal, well-defined ransomware response plan. Companies should construct a step-by-step playbook that establishes response chains of command and describes specific actions employees must perform.
  • Promote secure online interactions and organizational preparedness through training. Decision makers should educate employees about the risks of clicking on suspicious emails and using public Wi-Fi networks when working remotely. They should provide training materials that keep employees current on the digital threat landscape and, when possible, run cyber-event simulations to help develop the organization’s incident-response capabilities.

 

Stay connected, stay protected:

To help keep your account information safe and secure during this period, make sure your contact information is up to date and set up security and account alerts so we can stay in touch. Remember, if we need to reach out to you, we’ll NEVER ask for personal or financial information or an access code through email, text or unsolicited calls. Visit our Security Center or the Federal Trade Commission’s Coronavirus Scam Tips on how to recognize potential scams and learn more about how to keep your accounts safe.

A private wealth advisor can help you get started.

Find an advisor

Coveware Incident Response Team, “Ransomware Costs Double as Ryuk, Sodinokibi Proliferate.”

IBM Security, "Cost of Data Breach, 2020."

3,4 Verizon, Mobile Security Index, 2019.

CyberEdge Group. "Cyberthreat Defense Report, 2020"

FireEye Threat Research, "They Come in the Night: Ransomware Deployment Trends, March 16, 2020"

Cybercrime Magazine, October 21, 2019.

Related Content:

1 of 1

SEC Share Class Selection Disclosure Initiative

Investing involves risk. There is always the potential of losing money when you invest in securities.

Asset allocation, diversification and rebalancing do not ensure a profit or protect against loss in declining markets.

Merrill, its affiliates, and financial advisors do not provide legal, tax or accounting advice. You should consult your legal and/or tax advisors before making any financial decisions.

This material is not intended as a recommendation, offer or solicitation for the purchase or sale of any security or investment strategy. Merrill offers a broad range of brokerage, investment advisory (including financial planning) and other services. Additional information is available in our Client Relationship Summary

Merrill Lynch, Pierce, Fenner & Smith Incorporated (also referred to as “MLPF&S” or “Merrill”) makes available certain investment products sponsored, managed, distributed or provided by companies that are affiliates of Bank of America Corporation (“BofA Corp.”).  MLPF&S is a registered broker-dealer, registered investment adviser, Member SIPC and a wholly owned subsidiary of BofA Corp.

Merrill Private Wealth Management is a division of MLPF&S that offers a broad array of personalized wealth management products and services. Both brokerage and investment advisory services (including financial planning) are offered by the Private Wealth Advisors through MLPF&S. The nature and degree of advice and assistance provided, the fees charged, and client rights and Merrill’s obligations will differ among these services. Investments involve risk, including the possible loss of principal investment.

The banking, credit and trust services sold by the Private Wealth Advisors are offered by licensed banks and trust companies, including Bank of America, N.A., Member FDIC, and other affiliated banks.

Insurance and annuity products are offered through Merrill Lynch Life Agency Inc., a licensed insurance agency and wholly owned subsidiary of Bank of America Corporation.

Investment, insurance and annuity products:

Are Not FDIC Insured
Are Not Bank Guaranteed
May Lose Value
Are Not Deposits
Are Not Insured by Any Federal Government Agency
Are Not a Condition to Any Banking Service or Activity

© Bank of America Corporation. All rights reserved.

3276189-EXP-2021-10-08

x

Important notice: you are now leaving Merrill Private Wealth Management (MPWM).

Clicking CONTINUE will take you to a website that Merrill Private Wealth Management is not affiliated with and may offer a different privacy policy and level of security. We are not responsible for and do not endorse, guarantee or monitor content, availability, viewpoints, products or services that are offered on other websites. Clicking RETURN TO MPWM will take you back to the previous page.

CONTINUE RETURN TO MPWM