Ransomware today is mostly based on the encryption of documents and files; however, nothing prevents it from evolving further. Based on research from MalwareBytes (and my experience is consistent with this), about 71 percent of businesses are addressing ransomware through backups rather than through defense.

I don’t believe this should be the only strategy. Especially with the rise of mobile ransomware, we might soon start seeing inverted attacks – instead of preventing access to data, ransomware could threaten to release it publicly. Whether it’s private data (e.g. photos, logon credentials, or messages) or business data (e.g. accounting numbers, emails). We might even have to pay double ransom — one to gain access to our files and another to prevent the rest of the world from seeing them.

Backup and recovery won’t be sufficient protection against these new attacks and proactive approach is needed.