By Rieva Lesonsky
Have you heard about ransomware—or maybe even been victimized by it? Although this form of cyberattack has been around for a while, it’s becoming more insidious and more widespread, Symantec reports—and it’s also striking more and more small businesses.
Ransomware attacks work like this: Hackers infiltrate your business network, encrypt your data and then hold it for ransom, refusing to un-encrypt it until you pay up. The latest development, crypto-ransomware, uses unbreakable encryption so that even if you remove the malware from your system, you still can’t read your data.
Ransomware on the rise
Ransomware has become easier for cybercrooks to use; as a result, the number of attacks—and specifically, attacks on small businesses—is on the rise. But if you haven’t heard about the ransomware threat yet, it may be because many businesses that are attacked never report the incidents.
In a recent survey by the Ponemon Institute, about half of small and midsize businesses report suffering a ransomware attack, and about half of those paid the ransomware demands. However, worried about negative publicity, many who pay up keep the attacks a secret. Ironically, the fewer businesses report ransomware attacks, the harder it is for authorities and experts to combat the attackers.
The average ransom demanded by attackers is $2,500, according to the Ponemon survey. While that may not sound like much, ransomware attackers can strike again and again—and the actual ransom paid isn’t the only financial loss you’ll suffer. Last year, ransomware cost U.S. small businesses $75 million in downtime, according to Datto. Sixty-three percent of small businesses affected by ransomware report downtime, Datto says, while 48 percent lose critical data.
Ponemon surveyed the people responsible for containing ransomware at SMBs; most said their employers believe they’re too small to be targeted. However, the survey respondents themselves (i.e., the people on the front lines) have a very different opinion. Nearly six in 10 respondents who had experienced an attack believe cybercriminals specifically targeted their companies. More than two-thirds (67 percent) say ransomware poses a greater threat than any other type of malware.
How to protect your business
Protecting your business from ransomware starts with some basic cybersecurity steps. Install firewall protection and anti-virus software. Set operating systems and software to update automatically so security fixes and patches are always in place.
Once you’ve taken these actions, it’s time to focus on your employees. Human error is a primary way ransomware infiltrates small business networks. According to Datto, 46 percent of ransomware cases are linked to phishing (phony emails) and 36 percent result from employees who are inadequately trained in cybersecurity processes.
Start by developing a cybersecurity policy and educating employees about it. This should include developing strong passwords, changing them frequently (at least every six months or more often), and not sharing passwords with others.
Teach employees to avoid opening suspicious email attachments or links, especially in emails from unknown senders. Spear phishing is becoming more common: In this type of attack, hackers send emails that appear to come from inside the company, so recipients are more likely to open them. Train employees to examine all unexpected emails with attachments or links carefully, no matter who they come from, and to contact the sender before opening links or attachments if they have any concerns.
Clearly, it’s getting harder and harder to identify malicious phishing emails. That’s why backing up your data may be the most essential step to protecting your business from ransomware. In the Ponemon survey, 42 percent of businesses that suffered a ransomware attack were able to avoid paying the ransom because they had a full backup.
Back up and store your business data in multiple places, including both secure cloud-based storage and physical backups. Maintain copies off-site. Regularly test your backups to make sure they’re working properly. Finally, make sure you can restore your data quickly if needed. Being able to restore data in one day vs. one week can make a big difference to your bottom line and reputation.