Don’t let your small or medium business fall victim to ransomware. Make sure your data, network, equipment, and employees are safe from ransomware attacks.
October is Cyber Security Awareness Month. You may have heard about ransomware attacks on school districts, hospitals, and government organizations. Over 20 U.S. cities were targeted by ransomware attacks between January and July 2019. The cost to the city of Baltimore alone was more than $18 million between lost city revenue and repairs to the city’s computer network. Ransomware attacks on cities, schools, and hospitals are serious, but 71 percent of ransomware attacks target small and medium businesses.
According to Beazley Breach Response Services, in 2018, ransomware crooks demanded an average of more than $116,000 from over 3,300 business computer security breaches they directly tracked. Cybersecurity firm Coveware reported that the average ransomware demand to individuals and small businesses grew from $6,733 at the end of 2018 to over $12,760 in the first quarter of 2019.
How does ransomware work?
In the past, ransomware usually came in the form of unsophisticated “spam” emails that most people could recognize as hacking attacks. Hackers sent out hundreds of thousands of emails hoping to trick a few unsuspecting people into revealing their passwords and other secure information. Once installed on a business or individual computer, ransomware encrypts data and stops access to programs. The program then demands a “ransom” in the form of cryptocurrency, usually bitcoin, to restore the data and access.
Ransomware attacks are getting more sophisticated. A 2018 ransomware program, Ryuk, was developed by a North Korean group of hackers. Ryuk has been aimed at large businesses that can’t afford any downtime. The program individually maps the networks of target businesses and steals credentials in order to install the program and encryption. One business targeted by Ryuk paid over $360,000 in bitcoin to retrieve its data.
Ransomware is getting better at getting around anti-virus programs and computer firewalls. Hackers are using known applications and programs that users think are safe to get around security precautions. Expert estimates report that ransomware could cost small and medium businesses as much as $11 billion in 2020.
What can we do to combat ransomware?
- First, make sure the operating systems for your network and connected devices are up to date. The 2017 WannaCry ransomware attack targeted computers running Windows 7. WannaCry was developed from U.S. National Security Agency tools that were leaked online. According to TechCrunch, up to a million computers are still vulnerable to WannaCry because they are running Windows 7 or earlier Windows versions. Microsoft also ends its support for Windows 7 in January 2020. Ransomware and other types of hacking attacks often target older operating systems that are no longer receiving regular security updates and patches.
- Second, make sure your security software is also up to date. Check it at least once a month. A managed services provider (MSP) can help in this process.
- Third, make sure you and your employees know how to recognize potential security threats. Practice good computer habits that prevent intrusions. For example, do not click on any links or images that come from an unknown source no matter how funny or appropriate the title of an email may look at first glance. Managed services providers can help to train you and your staff on good cybersecurity habits that can prevent ransomware and other attacks.
- And finally, make sure you have a good offsite backup. Businesses that have successfully overcome ransomware attacks have strong and redundant backups for their data and programs. You may lose time, but you won’t lose all of your business data. If you’re in a field that keeps confidential client or customer information, it’s essential for your business to have secure, safe backups of data in the cloud and/or separate physical data storage.
Managed services providers (MSPs) are responsible for keeping track of ransomware threats and understanding the tricks hackers can use to take control of your computers and demand a ransom. They can help your business to prevent a ransomware attack and protect your business data and programs in the event an attack occurs. Malicious hackers have been causing damage to computers for years, but ransomware is the first major way they’ve discovered to earn a lot of money from their criminal activities. Don’t let ransomware interfere with your business operations, profits, and growth. Take our recommended steps to fight back and win against ransomware criminals.