Opening an unknown email, clicking a new link, or accessing a malicious document: it doesn’t take much to fall victim to a cyber attack. There are a variety of attacks that can greatly hurt your company and lead to a loss of finances and sensitive information, but ransomware attacks are increasing in frequency and severity for a number of companies.
Ransomware is a fairly simple process that can have devastating results—a person clicks on a link or accesses a file on their computer that nearly instantly encrypts all of the data on their computer or in their network. The hackers then send a ransom requiring that the affected people have a few days to pay a fee to get access to their files. If they don’t pay, they don’t get the files back. The only way around ransomware is to have your unencrypted files backed up. Cyber criminals are getting more and more vengeful in their attacks and are automating the process to attack individuals and companies of all kinds around the world. Companies tend to have more money to pay the ransom and a larger network with more holes and opportunities to encrypt files, meaning they are an ideal target for a ransomware attacker.
A recent survey by the Ponemon Institute and Carbonite found that 50% of all small and mid-sized businesses have been victims of ransomware and 48% of those businesses paid a ransom. Companies had an average of four ransomware attacks in the last year and paid an average of $2,500 per incident. Each attack took about 42 hours to fix. Ransomware is different than other malware and viruses because it is nearly impossible to break on your own. In many cases, even the most accomplished coders can’t break through the complicated algorithms to get access to the files without paying the ransom.
The number of ransomware files is growing at a an astronomical pace, but it is impossible to know just how many infected files are out there because so many ransomware attacks go unreported. The number of cryptoransomware files has more than doubled in just the last few years, and an increasing number of those attacks are focused on businesses.
A startling statistic is that just 13% of surveyed companies said they had high levels of preparedness to prevent ransomware. Most companies reported that they know what they need to do to increase their security levels, but it often just falls through the cracks. Nearly 60% of respondents said protecting their companies against ransomware wasn’t important because their businesses are too small to be considered a target. However, experts warn that anyone with a computer can fall victim to ransomware, especially as the attacks increase in number and intensity.
The best way to protect against ransomware is to have a strong series of backup solutions. It is almost impossible for ransomware to get into backup systems; if a file containing ransomware malware is including in a backup, the file is encrypted and can’t spread the disease during storage in the cloud.
A number of companies offer round-the-cloud backup support and can instantly spring into action in case ransomware is detected. All companies, no matter their size or industry, either need to contract with a backup service provider or have their own internal backup system in place to protect data and keep it safe and unaffected from ransomware. With backup software, data is regularly transferred to more secure forms of storage, including the cloud, which means that a ransomware attack has little to no effect on the business, as the unaffected data can easily be accessed from storage and used.
Aside from backup software, employees should also train their employees on how to spot potential ransomware attacks. This includes knowing which links or websites could contain a virus and knowing when not to click on something and to report it to the IT department. Backup solutions are incredibly effective once ransomware has been detected, but the best way to fight the problem is to simply prevent it in the first place.
Ransomware can be debilitating to businesses large and small, but with a strategic plan and a strong backup solution, much of the risk can be contained.