Survey Shows That Americans Don’t Understand Ransomware. That’s a Problem for Seattle.

From July 18-22, 2019 The Harris Poll surveyed 2,021 U.S. adults online and determined that, although a worrisome 1 in 5 Americans have experienced ransomware, they don’t fully understand it. In a high-tech city like Seattle, that’s a major problem. 

So, let’s talk about this poll, discuss what happens when cybercriminals steal and ransom your data, and then talk about the steps you can take to properly protect your business. 

Poll Finds Widespread Ransomware

You can read the poll results yourself here, but a general summary of the findings is that: 

  • 1 in 5 Americans have experienced ransomware on a personal and/or work device (21%)
  • 87% of Americans believe cybersecurity is a priority… but 51% believe the government is already effectively addressing the issue
  • 61% of Americans support a tax increase for cybersecurity initiatives in the government

First things first, let’s just come straight out and say it: The idea that the government is already “effectively addressing” cybercrime is laughable. Recent ransomware attacks have affected Texas, Baltimore, Atlanta, Florida, and Louisiana. Does that sound like a problem that’s been “effectively addressed” to you?

The survey’s findings that Americans support a tax increase to combat the issue of cybercrime shows that we, as a nation, understand that cyberthreats deserve more attention. And people are, apparently, willing to pay a lot for that increased attention. According to the poll, 5% of Americans supported tax increases of 5% or more to support cybersecurity. 

However, most people need a better understanding of what that payment can (and can’t) do for them

Poll Also Finds That People Don’t Understand the Ongoing Dangers of a Ransomware Attack

In addition to sharing scary statistics about the widespread threat of ransomware, the poll also took a look at why people thought it was okay for businesses and governments to pay the ransom on a ransomware demand. What it demonstrated was that people grossly misunderstand what the ransomware payment is for. 

Here are the additional stats: 

  • 46% of companies paid the ransom

Of businesses, people thought it was okay to pay the ransom for these reasons:

  • 58% wanted to protect customers’ personal info
  • 53% wanted to protect employees’ personal info
  • 49% wanted to protect the safety, wellness, and life of others 

Of governments, people thought it was okay to pay the ransom for these reasons:

  • 62% wanted to protect national security
  • 56% wanted to protect citizens’ personal info
  • 53% wanted to protect confidential government info

Let’s analyze this for a moment. 

To be very clear, customer and employee personal information was already gone by the time the ransomware demand came in. At that point, there was nothing these companies (or anyone) could do to get that data out of the cybercriminals’ hands. 

It’s not like there’s only one copy of stolen data. As cybersecurity experts have seen, once data is stolen, it’s extremely likely that it will be sold on the Dark Web.  

When it comes to governments protecting national security, citizens’ personal info, or confidential government info, the same rules apply. There’s no use shutting the barn door now that all the animals have escaped. The correct action for businesses and governments to take was to protect the data to begin with. 

To protect data properly, organizations need to be committed to data security, and that takes following a few best practices. 

Now That You Understand Data Security, It’s Time to Protect Your Business

Now that you understand why it’s too late to protect sensitive data after a security breach, let’s talk about what you can do right now to reduce the likelihood of being affected by cybercrime and data theft, including ransomware, in the first place. 

IT security experts, known as Managed Services Providers (MSPs), will recommend the following five best practices for securing your business against ransomware and other forms of data theft:

  • Patching and Updating
    Cybercriminals attack known vulnerabilities, which means that if you pay attention to updating your systems and applying patches instantly, your business will be protected from most threats automatically.
  • Password Security
    Using unique, hard-to-remember passwords for every single internet account you use is really, really important for cybersecurity. Since the point is to come up with impossible-to-memorize passwords, it’s a smart idea to use a password manager like Dashlane or LastPass to keep track of your passwords for you.
  • Multi-Factor Authentication
    Also known as “two-factor authentication” (2FA), this method requires you to use at least a couple of security checks before accessing sensitive data. This protects you and your employees by creating an extra step that bars the path to data theft after a phishing attack.
  • Phishing Awareness Training
    Speaking of phishing attacks, it’s a really good idea to educate your staff on how to avoid them in the first place. Effective anti-phishing training can reduce your phishing vulnerability by up to 94%, which is pretty amazing.
  • Business Continuity
    Technically, this isn’t a preventative measure to protect you against ransomware, but if you do happen to sustain a ransomware attack, business continuity will make it possible to limit your downtime to as little as 5 minutes. Plus, you can get your data back ransom-free.

Don’t Let Data Theft and Ransomware Become a Problem for Your Business

Sad but true fact: Now that you’ve read this article, you’re more informed about ransomware and data theft than the majority of Americans. You understand the true, ongoing dangers of ransomware and the futility of protecting your data after an attack –and you know the best steps you can take to protect your data. 

Now it’s time to take action. It’s time to determine exactly how vulnerable your systems are, so you can plug the gaps and defend your data. 

Contact Interplay to schedule your Free Network Scan so you can secure your business against ransomware, data theft, and other forms of cybercrime.