IBM Security report reveals that 70 percent of businesses impacted by Ransomware pay attackers, but there is hope in sight, as IBM's Resilient Incident Response Platform adds a new Dynamic Playbook to help organizations respond to attacks.
There has been a chorus line of vendors in 2016 proclaiming an increase in ransomware threats. IBM is now adding to the mix with a security study released on Dec. 14, reporting that 70 percent of businesses impacted by ransomware end up paying the ransom. IBM is going a step beyond just reporting on ransomware, with a new Dynamic Playbook for Ransomware capabilities in its Resilient Incident Response platform.
The 23-page IBM Security study surveyed 600 business leaders and 1,021 consumers in the U.S. 46 percent of business respondents reported that they had experienced ransomware in their organizations. Of the 46 percent that have been impacted by ransomware, 70 percent admitted that their organization paid the ransom.
The Windows 10 Creators Update, due in spring next year, is going to make almost all Flash content click-to-run in the Edge browser.
The Windows 10 Anniversary Update already applied click-to-run to most online advertising, following in the steps of Safari and Chrome. In the next major update, Microsoft will extend the restrictions on Flash. By default, Flash will not be loaded or offered to sites, and users will have to opt to enable it on a site-by-site basis. A handful of popular, Flash-dependent sites will see the plugin enabled automatically, with Microsoft intending to cut down this whitelist as more and more sites switch their interactive content to be native HTML5.
Earlier this year, Google announced a similar plan for Chrome. Currently, 1 percent of users of the stable Chrome 55 release have click-to-run enabled by default, along with 50 percent of users of the Chrome 56 beta release. When the stable Chrome 56 release is made in February, Flash click-to-run will be enabled by default for everyone. Google also intends to whitelist the ten most popular flash-dependent sites, though it says that this whitelist will only be in place for a year.