Ransomware is software that is used to extort businesses by taking over their data until they pay the attacker a ransom to have the data unlocked. When large companies are victimized, the stories are usually reported in the media. What many small and medium-sized business owners don’t realize is that it is not only large businesses that are attacked. Smaller businesses can be threatened by ransomware attacks.
The Washington Post cites a Sitelock security report that claims that the average website of a small business is actually attacked as many as 44 times every day. Small business leaders are more exposed since they often underestimate the risk and don’t spend enough money on security software to prevent this type of serious problem.
How Victims Are Targeted by Ransomware Attacks
Security professionals warn small business owners about being overly confident that they won’t be attacked by hackers, saying it is more a question of “when” than “if” it will happen. Victims are often targeted based on vulnerability, the probability of a payout, and sensitivity of the data. Inc. reports that innovative companies are also considered to be at high risk for cyber attacks since they are more likely to be very visible on the Internet.
Universities are often targeted as “low-hanging fruit” for ransomware bullies. Since these institutions rarely have adequate security teams, they are considered easy targets. The fact that universities engage in a lot of file-sharing activity also makes them vulnerable.
Other targets such as government agencies, law firms, and medical organizations are very likely to pay up quickly. The sensitivity of the information puts these companies in a very compromising position. Managers are likely to want to keep this type of news quiet.
Another industry that attracts these types of attacks is financial institutions. CSO reports that in 2017, 90 percent of financial organizations were attacked.
How Ransomware Accesses Computers
One of the main ways ransomware attacks a computer is through an attachment that comes in an email. It often catches victims off guard since it looks like a trusted source. When the file is downloaded, it attacks the computer. NotPetya is an aggressive type of ransomware that leverages security vulnerabilities.
Once the computer is infected, the files are encrypted. At this juncture, these files can no longer be accessed without paying the ransom to obtain the mathematical key that is provided by the attacker. Payment is usually in Bitcoin so that it is not traceable.
Preventing Ransomware Attacks
There are some proven steps that can be taken to lessen the chances of being infected with ransomware. One of the first preventative actions that companies should take is to keep the operating system updated and in good working order. Taking these measures will lower a company’s risk.
Knowing what not to do is as important as knowing what to do where security is concerned. There should be a strict policy against installing software or allowing it access to your computer with administrative privileges unless it has been thoroughly reviewed and deemed safe.
The most obvious way to prevent problems with ransomware is to use antivirus software. Software made specifically for detecting ransomware will alert company representatives about potential security issues.
As is always recommended by security experts, all files should be backed up regularly. Establishing an automatic backup schedule so this important task is not forgotten is a good plan of action.
Paying the Ransom
Interestingly, CSO reports that 65 percent of victims of ransomware do pay even though many say they won’t pay before it actually happens. When business owners are faced with the stress related to lost data, they usually conduct a cost-benefit review and eventually decide that the ransom is not as expensive as the negative impact of losing the data.
Unfortunately, criminals are not always trustworthy. One of the worst scenarios is that the victimized company pays the ransom and then never gets its data back. CSO reports that in 65 to 70 percent of ransomware cases, the criminals do actually follow up and restore the data as promised.
Most ransomware criminals charge rates that they think will be easy for a company to pay, somewhere in the neighborhood of $700 to $1300. They set the figure relatively low so the company can get the cash together rather quickly. It is typical for the ransom to be set higher in rich locales and lower in poorer areas.
Contrary to what TV shows would have us believe, cybercrime is big business. Inc. estimates that these crimes represent a $500 million industry as a low estimate. For this reason, it is doubtful that ransomware is going away any time soon. Managed IT Services companies like NENS can protect your sensitive data and prevent ransomware attacks from impacting your business. Contact us to learn more about our Cyber Security services.