Ransomware: Too Profitable to Go AwayBy Charles CooperIf enterprises needed another reminder to protect themselves against ransomware, this spring\u2019s WannaCry outbreak ought to have served as their proverbial wake-up call. \u00a0WannaCry was a global coordinated ransomware attack against tens of thousands of private and public sector organizations around the globe. It overwhelmed defenses with a zero-day vulnerability stolen from the NSA.Meanwhile, the number of organizations victimized by ransomware tripled between the first and third quarters of 2016 alone with attackers holding their victim\u2019s data hostage in return for payment.All this has taken place within a relatively short time. The first wave of modern ransomware started in the middle of the last decade in Russia with the appearance of GPCode (also called PGPCoder), a Trojan that dropped a text file demanding payment into infected files. New strains of ransomware soon migrated west across Europe and then, throughout the rest of the world.Starting in 2015, the focus shifted as ransomware attackers concentrated on business targets, rather than individuals. Last year was a breakout year for ransomware heists as attackers raked in an estimated $1 billion from victim organizations.The most common type of ransomware used nowadays is called crypto-ransomware, which seeks to encrypt personal data and files. The other type \u2014 known as locker ransomware \u2014 locks up the victim\u2019s computer entirely.A vivid example of the havoc ransomware can wreak came in February 2016 when attackers seized control of the computer network at Hollywood Presbyterian Medical Center, in Los Angeles. The malware prevented employees from accessing any medical records stored electronically. Administrators eventually complied with the demands and paid a ransom of about $17,000 in bitcoins in order to regain access to the hospital\u2019s computer systems.It was a victory for the bad guys but hardly an exception. Although law enforcement authorities argueagainst paying ransom, as many as two-thirds of ransomware victims are believed to comply with the demands of their attackers.Blocking and TacklingThe average ransomware attack last year netted $1,077, a 266 percent increase from 2015. Meanwhile, security experts expect further attacks given the proliferation of underground forums where criminals can buy easy-to-deploy ransomware toolkits.If your company depends on uninterrupted access to critical data, the onus falls on you to take preventive measures and block ransomware threats before they paralyze the organization.This is largely a matter of basic blocking and tackling. Defending against exploit-based infection scenarios involves a multilayered defense strategy with web and email filtering solutions and intrusion prevention systems that mitigate the threat of ransomware-laden emails.No software is bulletproof. Unfortunately, many organizations still fail to patch their software with regular maintenance updates. The justifications vary, but negligence gives cybercriminals the incentive to continue to launch ransomware attacks. In addition to patching regularly, administrators can whitelist their software applications to help \u00a0prevent their users\u2019 computers from installing anything that's not approved by IT.Also, it\u2019s smart to make regular backups a part of any disaster recovery plan before the next ransomware attack comes. In fact, NIST recommends adopting a regimented backup schedule and then making redundant copies of backups stored in different physical and offline locations. That way there\u2019s no connection for the ransomware to reach any backup data.Charles Cooper has covered technology and business for the past three decades. All opinions expressed are his own. AT&T has sponsored this blog post.