Blog

Ransomware Prevention for Small Business

Ransomware Prevention for Small Business

Ransomware prevention for small businesses is extremely important, especially now. With many high-profile ransomware attacks in the news each week, it is easy to become numb to the number of attacks and the amount of real money being paid to cybercriminals. Ransomware grew 350% in 2018 alone and over 62% of annual attacks happen to small and medium-sized businesses. Over the next few blogs posts, we’ll explore ransomware prevention for the small business and the steps you can take now to help prevent a ransomware attack.

First things first…

What is Ransomware?

Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. The first form of ransomware was created in 1989, called the AIDS Trojan. It was released on 20,000 floppy discs and distributed to AIDS researchers in 90+ companies. Although it’s much weaker than the kind that’s around now, it still did irreversible damage to companies it affected.

The most common technique used to spread ransomware is by phishing emails. These types of emails contain an attachment and when the recipient of the phishing email clicks on said attachment, the malware is downloaded and installed onto whatever device they’re using at the time. That’s not the only ransomware distribution path: it can also be spread by drive-by downloading (which happens when you accidentally visit an infected website), malvertising (a fake advertisement which, when clicked, downloads the malware onto the user’s device), and now even social media (using platforms’ messaging features and apps).

Translation for the small business? Cybercriminals will target “easy” opportunities and will usually gravitate towards individuals, small to medium sized businesses, and even schools. They’ll also target organizations that have sensitive personal data (such as healthcare organizations or credit card companies) gaining access to more individuals’ information via a larger business that has their personal information.

Ransomware takes over your computers and servers and renders them useless unless you pay a criminal thousands of dollars so you can re-take control of them. They’ll demand anything from physical money to digital currency such as Bitcoin. In 2019, cybercriminals were paid over $11.5 billion in ransomware payments. Once ransomware is downloaded onto your device, it’s too late to undo it. If you don’t pay the ransom, you will have to restore each computer from backups, one by one, resulting in a significant amount of downtime and the possibility of lost data. Even if you do pay it, nearly 40% of ransomware victims that pay ransom never get their data back and 73% of those that pay are targeted again. You don’t want to be the victim of a ransomware attack.

Victims of ransomware should report it immediately to CISA at www.us-cert.gov/report, a local FBI Field Office, or Secret Service Field Office.

Now that you know what ransomware is, next week we’ll explore steps you can take to protect you and your small business against it.

 

This week’s post is by Tim Malzahn, Principal Consultant at Malzahn Strategic