1300 441 551
Blog

Unless you’ve been living under a rock, you are probably well aware that ransomware is a hot topic in the news these days. More and more, ransomware has emerged as a major threat to individuals and businesses alike.

Ransomware, a type of malware that encrypts data on infected systems, has become a lucrative option for cyber extortionists. When the malware is run, it locks victim’s files and allows criminals to demand payment to release them. Organisations of all types and sizes have been impacted, but small businesses can be particularly vulnerable to attacks and ransomware is on the rise. In a June 2018 Threat Report, the number of new ransomware strains saw an increase of 62% in the previous four quarters. This increase brings total number of identified strains to roughly 16 million. Ransomware is distributed in a variety of ways and is difficult to protect against because, just like the flu virus, it is constantly evolving. Traditional antivirus or backup solutions wont protect you. Having your email in the cloud is no longer enough either. Hiding your head in the sand won’t work, because today’s ransom seekers play dirty. There are ways to protect your business against ransomware attacks. Make sure your organisation is prepared. The sheer volume and severity of targeted attacks means that companies must have a properly designed business continuity solution in place. Make sure your organization is prepared.

Ransomware Today

There are a few dominant types, or families, of ransomware in existence. Each type has its own variants. It is expected that new families will continue to surface as time goes on. Historically, Microsoft Office, Adobe PDF, OpenDocument, AutoCAD and image files have been targeted, but experts predict that additional types of files will become targets as ransomware continues to evolve and more recently we’ve seen cases of entire email mailboxes being encrypted - Yikes! To decrypt files, cyber extortionists typically request payment in the form of Bitcoins or online payment voucher services. The aftermath of a ransomware attack can be crippling for a business. when asked about the impacts f a successful attack, 67% of reported victims experienced a loss of business productivity. More than half reported victims experienced a loss of business productivity. More than half reported victims experienced business-threatening downtime. The cost of business downtime is 10X greater than the cost of ransom requested. The average requested ransom for SMBs is $4,300 while the average cost of downtime related to a ransomware attack is $46,800.

How is ransomware spread? 

Spam is the most common method for distributing ransomware. It is generally spread using some form of social engineering; victims are tricked into downloading an e-mail attachment or clicking a link. Fake email messages might appear to be a note from a friend or colleague asking a user to check out an attached file, for example. Or, email might come from a trusted institution (such as a bank) asking you to perform a routine task. Sometimes, ransomware uses scare tactics such as claiming that the computer has been used for illegal activities to coerce victims. Once the user takes action, the malware installs itself on the system and begins encrypting files. It can happen in the blink of an eye with a single click. Once the dirty work is done, a message informing the user that files have been encrypted is displayed on said user’s screen demanding a Bitcoin payment.

Protect against ransomware

Cyber criminals armed with ransomware are a formidable adversary. While small to-mid-sized businesses aren’t specifically targeted in ransomware campaigns, they may be more likely to suffer an attack. Frequently, small businesses are stretched thin and, in some cases, rely on outdated technology due to budgetary constraints. This is the perfect storm for ransomware vulnerability. Thankfully, there are tried and true ways to protect your business against

ransomware attacks. Security software is essential however, you can’t rely on it alone. A proper ransomware protection strategy requires a three-pronged approach, comprising of education, security and backup.

Education: First and foremost, education is essential to protect your business against ransomware. It is critical that your staff understands what ransomware is and the threats that it poses. Provide your team with specific examples of suspicious emails with clear instructions on what to do if they encounter a potential ransomware lure (i.e. don’t open attachments, if you see something, say something, etc.). Conduct bi-annual formal training to inform staff about the risk of ransomware and other cyber threats. When new employees join the team, make sure you send them an email to bring them up to date about cyber best practices. It is important to ensure that the message is communicated clearly to everyone in the organisation, not passed around on a word of mouth basis. Lastly, keep staff updated as new ransomware enters the market or changes over time.

Security: Antivirus software should be considered essential for any business to protect against ransomware and other risks. Ensure your security software is up to date, as well, in order to protect against newly identified threats. Keep all business applications patched and updated in order to minimize vulnerabilities. Some antivirus software products offer ransomware-specific functionality. However, because ransomware is constantly evolving, even the best security software can be breached. This is why a secondary layer of defence is critical for businesses to ensure recovery in case malware strikes: backup.

Backup: Modern total data protection solutions, like Datto, take snapshot based, incremental backups as frequently as every five minutes to create a series of recovery points. If your business suffers a ransomware attack, this technology allows you to roll-back your data to a point-in-time before the corruption occurred. When it comes to ransomware, the benefit of this is twofold. First, you don’t need to pay the ransom to get your data back. Second, since you are restoring to a point-in-time before the ransomware infected your systems, you can be certain everything is clean, and the malware cannot be triggered again. Additionally, some of the data protection solutions we have today allow us to run applications from image-based backups of virtual machines. This capability is commonly referred to as “recovery-in-place” or “instant recovery.” This technology can be useful for recovering from a ransomware attack as well, because it allows you to continue operations while your primary systems are being restored and with little to no downtime. Datto’s version of this business saving technology is called Instant Virtualization, which virtualizes systems either locally or remotely in a secure cloud within seconds. This solution ensures businesses stay up-and-running when disaster strikes.

So, what now?

Cyber extortionists using ransomware are a definite threat to today’s businesses from the local pizza shop to the largest corporations. However, a little bit of education and the right solutions go a long way. Make sure your employees understand what to watch out for and you can avoid a lot of headaches. Never underestimate the dedication or expertise of today’s hackers. They are constantly adapting and improving their weapon of choice. That’s why you need top-notch security software and backup. Keep your business safe and give your nerves a break. To sum it all up, knowledge spreading, and security software can help you avoid cyber attacks. Patch management is essential. Be certain that your software is up-to-date and secure. In the end, it is backup that will help you pick up the pieces when all else fails. Consider using a modern backup product that offers features that can permanently eliminate downtime.

Want to know more?

Talk to us about how we are reducing our clients’ business risk today.