Undoubtedly, we’ve all heard about ransomware. It’s that troubling threat where cybercriminals encrypt victims’ computers and network files — sometimes destroying data — and extort cash in exchange for de-encrypting the system. It’s one of the most common cyber threats, and also one of the most dangerous. And ransomware has cost businesses billions worldwide.
In this blog, we’re going to review everything you need to know about ransomware and protecting your business.
How Common Is Ransomware?
Ransomware has been around for years, and unfortunately, it’s only increasing in popularity. According to The New York Times, ransomware attacks increased by 41 percent in 2019, with a total of 205,280 organizations reporting an incident. Businesses of all sizes are at risk of being hit — from small mom-and-pop shops to enterprise corporations. Government agencies and healthcare organizations have also become prime targets, especially those without proper antivirus protection.
This growth is partly because the simplest of user actions can spread ransomware. Email phishing or business email compromise (BEC) — fraudulent and deceptive emails posing as legitimate messages — are perhaps the most common propagation method. Social media clickbait, particularly fake accounts masquerading as friends or colleagues, is also common. Even simply visiting an infected website can corrupt your system, even if the user doesn’t click anything on the web page.
Hackers are also becoming increasingly sophisticated in their attacks. Phishing emails are harder to detect, and just one click of the mouse can invite cybercriminals into your network.
The good news is that savvy IT professionals are also becoming more advanced at fending off attacks. By preparing your company for the threat of ransomware, you can significantly lower the chances of your network becoming corrupted.
What Are the Consequences of Ransomware?
After ransomware has encrypted a computer’s files and network drives, it then demands a ransom in exchange for a decryption key. Most victims end up paying the ransom. This is because ransomware can be difficult, if not impossible, to crack. Paying the ransom can be the only way to get data back.
These costs of recovery can be enormous. The ransom itself can run from thousands to hundreds of thousands of dollars, even approaching $1 million. And this cost doesn’t even include the cost of downtime. The real cost of recovery runs easily into the millions.
For example, FedEx reported losses of more than $300 million before being able to restore operations fully. The total cost to US businesses is estimated at $75 billion or more per year, with downtime costing around $8,500 per hour.
Hackers typically demand their payment in Bitcoin. Cryptocurrency affords substantial anonymity, making it nearly impossible to track perpetrators. Even if they could be identified, cybercriminals often work over international borders. Jurisdiction restrictions make prosecution almost impossible. So, what can you do to protect yourself against ransomware?
Protecting your organization from ransomware is a complex endeavor involving both technology and education. You need the right tools, the right information, and the right business processes.
To help ensure that your organization is thoroughly prepared, here are a few key steps to protect your data:
- Enable multi-factor authentication on all accounts. Ensuring that all users for all your accounts use multi-factor authentication (MFA) is an essential step to prevent ransomware and improve your cybersecurity in general.
- Maintain up-to-date antivirus/malware protection, especially on email. Do your research for best programs, including buyer reviews on popular online retail sites.
- Perform regular external backups, and quarantine them from your network as soon as they’re completed. Keep archival history as much as possible.
- Train employees on detecting suspicious emails, links, and websites. Human behavior is often the culprit of spreading malware, such as clicking an email phishing link or social media clickbait. Proper training can minimize risk by educating staff.
- Maintain strong firewall protection to minimize the risk of a single infected machine spreading malware into your network.
- Keep all enterprise software updated with the latest releases and patches. Software firms continually improve security, and outdated software puts your business at risk.
- Administer IT user permission security so employees have access only to the software and functionality required for their job roles.
- Disable macro scripts on files shared via email — an important component of training.
- Along with preventative measures, create a contingency plan. If ransomware encrypts your systems, you’ll be better prepared to cope if you have plans in place to continue operations and speed up recovery.
Creating a Contingency Plan
Even if you have measures in place to protect your business from ransomware, there’s still a chance of being hit. That is why we always recommend creating a contingency plan, as well. This will help give you guidelines in the event that your ransomware compromises your business.
First, setting up a cryptocurrency wallet should be part of your contingency plan. If your business is hit and you decide to pay the ransom, you’ll be able to pay much sooner if you already have this in place. Then you can get your business back up and running as quickly as possible, losing less money due to downtime.
Next, it’s critical to notify the FBI if ransomware infects your systems. According to FBI estimates, more than half of targets don’t report ransomware attacks. Concerns over bad publicity likely drive this. Financial and business process recovery is difficult enough without adding in a PR nightmare.
However, the FBI is the lead federal agency for cybercrime. Their investigative and technology capabilities are state-of-the-art, and no one is better equipped to help you understand your options and recover your data. It’s also a good idea to seek out cybersecurity experts that can help look over your systems, find solutions, and better secure your network for the future.
Something that you can’t plan for but will have to decide if ransomware encrypts your systems is whether or not to pay the ransom. The FBI suggests that you do not pay the ransom. However, most victims do indeed pay.
Ultimately, the decision is up to your company leadership and will depend on the amount of the ransom, among other factors. In many cases, the cost of paying the ransom is far less than the potential losses from operational downtime.
Ransomware Can Happen to Anyone
Ransomware and cybercrime are on the rise. And costs to businesses are increasing. Education and preparation are the best defenses against cybercrime. Responsible management needs to be proactive. Threats are real, cybercriminals are serious, and today’s IT professionals need to arm themselves with the tools and the knowledge to keep their companies safe.