Over the last couple of years, I have written about the growth of ransomware and its threat to small businesses. If you are a small business owner and those warnings did not trigger action to protect your business’s computers or network, this blog is for you. Ransomware is not just a “big business” threat. Fifty-five percent of businesses hit by Ransomware had fewer than 100 employees in 2020 (Aleksandar Kochovski, Cloudwards, Ransomware Statistics, Trends and Facts for 2020 and Beyond, November 11th, 2020, https://www.cloudwards.net/ransomware-statistics/). Moreover, the average total cost of recovery from a ransomware attack has doubled in a year, “increasing from $761,106 in 2020 to $1.85 million in 2021 (Staff, Help Net Security, 8% of businesses that paid a ransom got all of their data back, April 28th, 2021, https://www.helpnetsecurity.com/2021/04/28/ransom-paid/).” If a paid ransom doesn’t do it first, average recovery costs like these could wipe out most small businesses. For those business owners that are new to Ransomware, I’ll invest some time in this blog defining what it is, then share some recent trends, and finally, offer solutions to help protect business computers and your network.
Ransomware is a type of malware that prevents or limits users from accessing their system, by locking the users’ files unless a ransom is paid (Trend Micro, https://www.trendmicro.com/vinfo/us/security/definition/ransomware). A favorite delivery mechanism of hackers for Ransomware is spam email. The spam email often looks “legit” to the viewer. In some cases, all you need to do is open it and the malware is released into your system. According to DataProt, "nearly 85% of all emails are spam (Nikolina Cvetićanin, DataProt, What’s on the Other Side of Your Inbox – 20 SPAM Statistics for 2021, February 11, 2021, https://dataprot.net/statistics/spam-statistics/)."
Recent Trends: Hackers Use COVID-19 as a Foil
Although phishing emails saw a sharp decline by the end of 2019, in 2020 hackers exploited the COVID-19 pandemic by sending COVID-related phishing emails. Having said that, according to Cloudwards, server vulnerabilities remain the most common entry point for a ransomware attack (Aleksandar Kochovski, Cloudwards, Ransomware Statistics, Trends and Facts for 2020 and Beyond, November 11th, 2020, https://www.cloudwards.net/ransomware-statistics ).
There is no 100% foolproof thing you can do to prevent a ransomware attack. However, like protecting your home you can take steps to prevent a break-in. You can help eliminate your network as a soft target. RB’s Computer Service is an expert in implementing and managing ransomware protection plans. We have blogged extensively about implementing procedures to safeguard against malicious software, conducting a risk analysis, hardware firewalls, managed backups, VPNs, and our managed service agreements. In addition to these solutions, employee training is equally critical. It is often an employee that first notices something is awry. In these instances, time is not your friend. A rapid response could help prevent would-be hackers from taking complete control of your network. RB’s Computer Service can help with this too.
Back Everything Up
56% of businesses reported they recovered their data using a backup after being hit by a ransomware attack. On top of that, 12 percent of business owners used other means to recover their data. Finally, 26% recovered their data only after paying a ransom. Thus, instead of paying the ransom to get your data back, it makes sense to back everything up. RB’s Computer Service can help you with this (Aleksandar Kochovski, Cloudwards, Ransomware Statistics, Trends and Facts for 2020 and Beyond, November 11th, 2020, https://www.cloudwards.net/ransomware-statistics/).
A Single Back-Up is not Enough
And your backup should not be accessible from your main network. According to Kevin Latimore, enterprise malware removal specialist for security software provider Malwarebytes, Ransomware hackers have gotten a lot smarter. Hackers now use malware that is “efficient at finding backups and destroying them before launching the full attack. Before they drop their encryption, they look to cause maximum pain. They destroy backups, which leaves many who have that plan to completely start from scratch." (C|NET, Alfred Ng, Ransomware froze more cities in 2019. Next year is a toss-up, December 5, 2019, https://www.cnet.com/news/ransomware-devastated-cities-in-2019-officials-hope-to-stop-a-repeat-in-2020/). As a result, it is important your main network doesn’t have access to your back up.
If you don’t have a ransomware strategy or don’t know where to start, don’t hesitate to contact RB’s Computer Service today. The cost of a ransomware protection plan is a drop in the bucket compared to recovery costs or ransom payment. For some businesses, especially in the health care industry, there are legal liabilities to protecting patient data, and having access to it in an emergency situation. Being “locked out” or “down” is simply not an option. To devise a ransomware strategy, contact us via phone or email: 763-441-3884, firstname.lastname@example.org. In addition to ransomware strategies, RB’s Computer Service sells the best commercial-grade firewall routers, best laptop computers, best desktop computers, business computers, computer parts, and computer monitors. We also provide managed IT services, computer repair, iPhone and smartphone repair, and tablet repairs to customers and clients throughout central Minnesota and St. Cloud.