Modern cybercriminals have an array of weapons in their cyber arsenals. As technology evolves, their tools and methods continue to become more sophisticated. Ransomware is among these weapons — and it poses a significant threat. Cybersecurity Ventures estimates that a ransomware attack targets a business every 14 seconds, and that the interval will fall to 11 seconds by 2021. Because no business is too small to become the target of a ransomware attack, it’s important to understand how to proactively defend your organization.
What Is Ransomware?
As its name suggests, ransomware is a type of malware that cybercriminals use to hold machines or data hostage until a ransom has been paid. It’s often spread through phishing emails or malicious websites, exploiting vulnerabilities and security flaws in outdated operating systems.
After an unsuspecting victim opens a malicious email or visits an infected site, ransomware begins to encrypt critical files hosted on the victim’s local machine. Unable to open important Word documents, PDFs, and other files, victims will usually receive an intimidating on-screen alert demanding payment in the form of bitcoin or some other digital currency in exchange for access to their encrypted files.
Cybercriminals love ransomware because it’s profitable. Victims desperate to regain access to valuable data are often willing to pay hundreds — or even thousands — of dollars in ransom.
The Impact of a Ransomware Attack
While the threat and impact of ransomware aren’t new, the Cybersecurity and Infrastructure Security Agency has reported a recent uptick in such attacks. This year, an attack on government organizations across Texas crippled important city services in 22 municipalities. Payment processing systems and machines used to print identification documents were taken offline as officials attempted to mitigate damage from what might be the largest coordinated ransomware attack ever leveled against a government.
In the case of the Texas attack, it appears that the attacker was able to compromise a single IT vendor, then victimize that vendor’s clients across the state. Officials declined to pay the $2.5 million ransom demand.
Ransomware Costs to Business
The impact of a successful ransomware attack is felt companywide: indefinite disruption of operations, financial losses associated with recovery work and ransom payments, damage to a business’s reputation, and temporary (or permanent) loss of vital data and files. Putting it in hard numbers, the average business will spend around $133,000 recovering from a ransomware attack.
This can be especially devastating for small businesses, which have limited financial resources and internal expertise. As such, it’s critical that small business owners incorporate these ransomware mitigation strategies into their cyber defense programs.
1. Back up your data. Access to a working backup gives you tremendous leverage as the victim of a ransomware attack. In fact, Ponemon Institute reported that 73% of small businesses that suffered a ransomware attack in 2018 did not pay the ransom because they had a full backup.
An automated backup solution can ensure that all the data from your devices and server is backed up regularly. Every business should have at least two backup locations — one in the cloud and one off-site — and both should contain copies of all the files and data your business needs to operate. Website backups should also be encrypted; this way, if the data falls into the hands of criminals, they won’t be able to read and exploit it.
2. Identify and reduce vulnerabilities. Cybercriminals typically try to exploit well-known vulnerabilities in operating systems and programs. Ensuring that your company’s software is always up to date is the best way to stop a ransomware attack in its tracks.
Similarly, installing the latest antivirus software and malware scanners on all company machines can make your IT infrastructure more resilient to ransomware and other types of cyberattacks. Also, implementing a web application firewall can help you stop the attacks from malicious bots that lead to ransomware infections. Finally, using a password manager for logins will reduce the likelihood of passwords being stored in vulnerable formats.
3. Cultivate good “cyber hygiene” habits among employees. According to Ponemon, 60% of data breaches can be linked to negligence. All it takes is an employee clicking on a suspicious email or unknowingly visiting an infected site. The malware does the rest. Implement regular security awareness training to keep your workforce knowledgeable about how to spot phishing emails and other potential threats. It’s also essential to have a response plan in place should a cybercriminal break through your defenses.
Ransomware mitigation can be extremely burdensome for organizations of all sizes, but these types of attacks can be especially crippling for small businesses. Prevention requires constant vigilance and a teamwide effort. These three best practices should give you a starting point as you develop your own security strategy.
Monique Becenti is a product and channel marketing specialist at SiteLock, a cloud-based website security provider currently protecting more than 12 million websites globally. Monique is passionate about improving the customer experience for all. SiteLock’s combination of dedicated research and developmental efforts, aggressive product road maps, and access to a massive global data set make the company a leading innovator in web security.