Vistage Research Center

Get actionable, data-driven insights and expert perspectives from our global community of CEOs and thought leaders. Led by Joe Galvin, Chief Research Officer

Cybersecurity alert: What you need to know about ransomware

Ransomware:  What you need to know to make the best decision


2016 is shaping up to be a year of extortion, making cybersecurity a must-discuss topic among businesses.  Cyber criminals are making a mint on ransomware as noted by the Federal Trade Commission Chair that ransomware is the most profitable malware ever devised. Criminal syndicates are now offering ransomware as a service that enables individuals to buy kits for a low dollar amount and then spread havoc to organizations to collect ransom.

With numerous variants being created, cyber criminals are increasing their attacks, the amount of ransom demands, and the sophistication of the ransomware. In fact, Ransom32, a new ransomware, has been publicly reported as the first ransomware that is allegedly based entirely on JavaScript. Thus, unlike some other ransomware that impacts Windows operating systems (OS), Ransome32 can purportedly be used against other OS such as Linux and Mac OS.

Many businesses are playing defense and are not prepared to deal with ransomware.

What is ransomware and how does it disrupt?

Ransomware encrypts files, immediately locking the owner out of his/her own data. Often, the owner will see a ransom note through a splash screen displaying the ransom amount to be paid to unencrypt the files as well as a required time period for when the payment is to be made, commonly 48 to 72 hours. This ransom note may include detailed payment instructions requesting the payment in Bitcoins,[1] a popular digital cryptocurrency.  If not paid, the ransom payment may increase, or in some cases, the files may be locked indefinitely.

The most commonly observed infection vectors for ransomware:

  • Large scale opportunistic phishing campaigns where an employee opens an email and accesses a link that drops ransomware onto the employee’s system.
  • An employee visits a compromised or malicious website hosting malware.
  • An intruder penetrates a network and installs ransomware.


Tough choice: to pay or not to pay

Is it better to pay and hope to have the files unencrypted or choose not to pay and deal with the impacts to the business?  For those organizations that have sufficient file backups, the ransomware threat is reasonably mitigated as the business can proceed without having to unencrypt the impacted files.  Other organizations that do not perform timely and sufficient backups are required to deal with the decision of whether to make a payment or face the business implications of losing the data. To further complicate these decisions, a payment may be made but the ransom website and infrastructure may be contemporaneously taken down by law enforcement, or other competing criminals.  This results in the worst-case scenario where a corporation pays, but the criminal can no longer unencrypt the files.

Preparing for ransomware – 7 key questions to consider

To proactively prepare for when ransomware impacts your organization, here are risk-management topics to discuss within your organization.

  1. Backups: Are backups being performed timely, tested and segmented properly?
  2. Digital wallets:  What is the strategy to pay if ransomware encrypts files and there are no backups?
  3. Legal:  What are the accounting and legal considerations with paying the ransom?
  4. Incident response plan:  Is there a plan and does it work?
  5. Board and C-Suite:  Is the board and C-Suite properly educated about the risks of these types of attacks? 
  6. Employees:  Are employees effectively trained to know not to execute “click the link” downloads?
  7. Prevention software:  Does the company’s anti-malware solution specifically detect ransomware?

[1] As of November 1, 2016, one bitcoin equals approximately $729.


Related reading — the outside forces that impact your business:

Print Friendly, PDF & Email

Leave a Reply

Your email address will not be published. Required fields are marked *

Predefined Skins

Primary Color

Background Color

Example Patterns

demo demo demo demo demo demo demo demo demo demo

Privacy Policy Settings

  • Required Cookies
  • Performance Cookies
  • Functional Cookies
  • Advertising Cookies
These cookies are essential in order to enable you to move around the Sites and use its features, such as accessing secure areas of the Sites and using Vistage’s Services. Since these cookies are essential to operate Vistage’s Sites and Services, there is no option to opt out of these cookies.
These cookies collect information about how visitors our Sites, for instance which pages visitors go to most often. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Cookies used

Visual Web Optimizer
These cookies remember information you have entered or choices you make (e.g. as your username, language, or your region), and provide enhanced, more personal features. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Cookies used

Google Analytics
Gravity Forms
These cookies are used to make advertising more relevant to you and your interests. The cookies are usually placed by third party advertising networks. They remember the websites you visit and that information is shared with other parties such as advertisers. If you do not allow these cookies, you will experience less targeted advertising.