Given the recent flood of headlines, it is easy and understandable to assume that ransomware attacks mostly target large enterprises or critical systems. From April’s attack on the Colonial Pipeline’s computer networks to the more recent attack on JBS, a key link in the food supply chain, it is hard to imagine the value of attacking a small or medium-sized business.
However, 2020 alone saw a total of $350 million paid out for ransomware attacks, as well as a 300% increase in ransomware attacks, and attacks against small businesses made up roughly 75% of the ransomware targets. Ransomware prevention is yet another discussion any business leader should start having when addressing or establishing a cybersecurity strategy.
Ransomware usually arrives as something that has to be activated by a click. A common way to target businesses, for example, is a phishing email. That email may carry an attachment or link which, once clicked, can give attackers access to the computer and, from there, the entire network.
When ransomware is activated, a user may see a message on their computer from the attackers: a demand for payment in exchange for stolen files, or a notice that the attackers have access to sensitive data or company information.
For anyone tempted to treat this as an empty threat and ignore the message: the attackers can easily wipe every piece of data they have access to from your network.
Even new network security systems are vulnerable, but older versions of operating systems, Microsoft Windows for example, are especially vulnerable not just to ransomware but to malware attacks in general.
Ransomware can also be broken down into two categories. The first is ransomware that locks a user out of their device once they click on a suspicious link or attachment. This is the more common of the two, and a cybersecurity team may be able to restore the user’s access.
The other category is ransomware that encrypts the user’s data. Once the data is encrypted, the corresponding decryption key is needed to restore access.
Cybercrimes in general have been on the rise over the past year, and have increased 67% since 2014. One explanation is the vulnerabilities exposed as businesses of all sizes moved online in reaction to the COVID-19 pandemic without the penetration testing that such a transition requires.
Another explanation is the growing trend of companies storing data and information online and in the cloud. Running a business online has become commonplace for businesses of any size, and this type of environment attracts more and more ransomware.
The reality is that small businesses are an easy target. The common traits of small businesses hit by ransomware include inadequate cybersecurity, a higher chance of employing staff who are not trained to identify and avoid phishing attacks, and operating in a sector such as finance, healthcare, or retail.
If your business is targeted by a ransomware attack, the loss from the event isn’t limited to paying the ransom. The average time alone spent picking up the pieces after an attack is about 50 days. That is almost an entire quarter of business focused on recovering from one attack that hit your company’s data and its bottom line. And the most expensive part of the recovery process is trying to recover the information lost in the attack.
From lost time to increased recovery costs, the result is lost business, lost revenue, and lost capacity to focus on new business.
You might argue that the ransom from one attack is cheaper than investing in ransomware prevention, but the reality is that there is no guarantee you will be attacked only once over your business’ lifecycle.
Of course, there are services and antivirus software that can help prevent attacks and identify holes in a business’ cybersecurity, but one of the most important tactics is to educate employees. Train your employees on best practices.
Consider running a monthly test by sending a simulated phishing email to all employees, so the most common attack is less likely to succeed against your company. If employees can identify on their own what a suspicious email address or subject line looks like, you are adding an extra layer of security for each device.
Another way to reduce email phishing is to filter incoming email so that spam and suspicious messages never reach a user’s inbox. And even enabling two-factor authentication adds security for every user.
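As an added illustration of the email-filtering advice above (this is not the article’s code, and the two messages it scores are constructed samples), the script below parses inbound mail with Python’s standard `email` library and applies a few defensive heuristics: a display name that impersonates the company’s own domain (here the placeholder `example-corp.com`) while the real address is external, a Reply-To that points somewhere other than the sender, executable or macro-enabled attachments including double extensions like `invoice.pdf.exe`, and pressure language in the subject or body. The score maps to a mailbox action; the thresholds and word lists are assumptions to be tuned for a real deployment.

```python
"""Inbound-mail triage heuristics (added example; constructed sample messages)."""
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Attachment types that rarely have a legitimate reason to arrive by email
# and are classic ransomware delivery vehicles.
RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".ps1", ".hta", ".iso", ".lnk")
# Office formats that can carry macros: flag, but do not block outright.
MACRO_EXTENSIONS = (".docm", ".xlsm", ".pptm")
URGENCY_PHRASES = ("urgent", "immediately", "account suspended", "verify your", "overdue")
INTERNAL_DOMAIN = "example-corp.com"  # constructed placeholder for the company's own domain


def _domain(header_value):
    """Lowercase domain of the first address in a header value ('' if none)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def triage(raw_message: str):
    """Return (score, reasons) for one raw RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    reasons = []

    from_hdr = str(msg.get("From", ""))
    display_name, _ = parseaddr(from_hdr)
    from_domain = _domain(from_hdr)
    reply_domain = _domain(str(msg.get("Reply-To", "")))

    # 1. Display name claims the company while the real address is external.
    if INTERNAL_DOMAIN in display_name.lower() and from_domain != INTERNAL_DOMAIN:
        reasons.append("display name impersonates internal domain")
    # 2. Replies would go to a different domain than the apparent sender.
    if reply_domain and reply_domain != from_domain:
        reasons.append("reply-to domain differs from sender domain")
    # 3. Dangerous attachment types (endswith also catches invoice.pdf.exe).
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            reasons.append(f"executable attachment: {name}")
        elif name.endswith(MACRO_EXTENSIONS):
            reasons.append(f"macro-enabled document: {name}")
    # 4. Pressure language in subject or plain-text body.
    subject = str(msg.get("Subject", "")).lower()
    body_part = msg.get_body(preferencelist=("plain",))
    body = body_part.get_content().lower() if body_part else ""
    if any(p in subject or p in body for p in URGENCY_PHRASES):
        reasons.append("urgency language")

    # An executable attachment outweighs any other single signal.
    score = sum(2 if r.startswith("executable") else 1 for r in reasons)
    return score, reasons


def decide(score: int) -> str:
    """Map a score to a mailbox action (thresholds are assumptions)."""
    if score >= 3:
        return "quarantine"
    if score >= 1:
        return "flag"
    return "deliver"


def build_sample(sender, subject, body, reply_to=None, attachment=None):
    """Construct a sample message (constructed test data, not a real capture)."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = f"staff@{INTERNAL_DOMAIN}"
    msg["Subject"] = subject
    if reply_to:
        msg["Reply-To"] = reply_to
    msg.set_content(body)
    if attachment:
        name, data = attachment
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_string()


PHISH = build_sample(
    '"Accounts Payable example-corp.com" <ap@examp1e-corp.net>',
    "URGENT: invoice overdue",
    "Please open the attached invoice immediately.",
    reply_to="collect@mailer-drop.example",
    attachment=("invoice.pdf.exe", b"MZ constructed placeholder, not a real binary"),
)
LEGIT = build_sample(
    f"Jane Doe <jane@{INTERNAL_DOMAIN}>",
    "Q3 planning notes",
    "Attached are the notes from Monday's meeting.",
    attachment=("notes.txt", b"agenda items"),
)

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("legit", LEGIT)):
        score, reasons = triage(raw)
        print(label, decide(score), score, reasons)
```

The constructed phishing sample trips all four checks and is quarantined, while the internal message scores zero and is delivered. Heuristics like these are a complement to, not a replacement for, a mail gateway that also validates SPF, DKIM and DMARC, which cannot be shown offline.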
Also, always update and patch systems and software to stay ahead of new ransomware that is constantly finding holes in software. In addition, make sure to back up your systems and files, since replacing lost information after an attack is never a sure thing.
Attempt to “hack” into your own security measures to identify holes in your network’s defenses. Through penetration testing, your company may be able to prevent future attacks by finding the weaknesses yourself.
Lastly, when operating your business outside the office or your normal network, public wireless Internet poses a threat. Consider investing in a strong Virtual Private Network (VPN) for use on public Wi-Fi.
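A backup only helps if it has not itself been overwritten or encrypted before you need it. As an added example (not the article’s or any vendor’s code), the script below records a SHA-256 manifest of a backup set, then simulates the kind of tampering file-encrypting ransomware performs (a file overwritten in place, a file renamed with a ransom-style extension, a note dropped into the tree) inside a temporary directory, and shows how comparing the tree against the saved manifest exposes each change. All files and contents are constructed for the demonstration.

```python
"""Verify a backup copy against a known-good manifest (added example; constructed files)."""
import hashlib
import json
import os
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large backups do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every file under root (relative POSIX path) to its SHA-256 digest."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def verify_backup(root: Path, manifest: dict) -> dict:
    """Compare the tree on disk against the manifest taken when the backup was made."""
    current = build_manifest(root)
    report = {
        "missing": sorted(k for k in manifest if k not in current),
        "changed": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "unexpected": sorted(k for k in current if k not in manifest),
    }
    report["ok"] = not any(report[k] for k in ("missing", "changed", "unexpected"))
    return report


def simulate() -> dict:
    """Manifest a small constructed backup set, tamper with it the way
    file-encrypting ransomware would, and return the verification report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "ledger.csv").write_text("date,amount\n2021-06-01,120.00\n")
        (root / "docs").mkdir()
        (root / "docs" / "contract.txt").write_text("constructed sample contract text")
        # A real deployment stores this manifest somewhere the backup host
        # cannot overwrite (write-once storage or a separate account).
        manifest_json = json.dumps(build_manifest(root), indent=2)

        # Tamper: overwrite one file with random bytes (encrypted in place),
        # rename another to a ransom-style extension, and drop a note.
        (root / "ledger.csv").write_bytes(os.urandom(64))
        (root / "docs" / "contract.txt").rename(root / "docs" / "contract.txt.locked")
        (root / "README_RESTORE.txt").write_text("constructed sample ransom note")

        return verify_backup(root, json.loads(manifest_json))


if __name__ == "__main__":
    print(json.dumps(simulate(), indent=2))
```

Run on a schedule against an offline or immutable copy, a non-empty `changed`, `missing` or `unexpected` list is the signal to investigate before relying on that backup for a restore; the same check doubles as a restore test when pointed at a freshly restored tree.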
As Department of Homeland Security (DHS) Secretary, Alejandro Mayorkas, recently said of businesses facing ransomware threats, “The losses from ransomware are staggering and the pace at which those losses are being realized are equally staggering.”
Alongside that statement, the DHS provided resources to help businesses respond to and combat ransomware attacks. So the new reality is that no business should feel safe from ransomware attacks, but there are also plenty of measures that can be taken to strengthen your business’ ransomware prevention.