Ransomware has officially made the mainstream. Dramatic headlines announce the latest attacks and news outlets highlight the staggeringly high ransoms businesses pay to retrieve their stolen data. And it’s no wonder why – ransomware attacks are on the rise and the average ransom payment has ballooned to over $200,000.
But the true cost of ransomware can go beyond the headline-grabbing payments. The hit to a business’s reputation can be long lasting, as can the effect of protracted downtime. And over 15% of businesses never retrieve their data. Even more, some companies lose their data even though they pay a ransom.
That’s the bad news. The good news is that were gaining a better understanding of how ransomware attacks happen. Learning how ransomware sneaks into our personal and business lives is the key to protecting ourselves.
Risks to Small and Medium Businesses
In episode 1 of Carbonite + Webroot’s new series on ransomware, security experts, futurists and business leaders discuss the risks faced by small and medium businesses.
Before the latest surge of ransomware, some small and medium businesses could get away with thinking they weren’t a target. After all, the largest companies are the ones that can afford to pay the largest ransom payments. But the truth is there are only so many Fortune 500 companies to prey on.
Now with so many new victims of ransomware, businesses are turning to cyber security experts and asking why they’re a target. The short answer is … they aren’t. Small businesses fall victim to ransomware because of misconfigured systems, lack of proper security and human error. In other words, attackers sneak in by focusing their attention on vulnerable systems. They look for things like outdated firewalls and outdated servers because those gaps in security make for easy targets.
Protecting Your Data
Jon Murchison, CEO of Blackpoint Cyber, succinctly sums up why attacks happen, “It’s bad IT hygiene.” He’s seen municipalities attacked repeatedly because of holes in their network. He once fought off six waves of attacks, crediting Webroot’s capacity to hunt down malware and his ability to respond in real time. Without that, he guarantees there would have been a mass ransom event.
That’s why investing in cyber security is so important. With the explosion of ransomware, businesses that don’t protect themselves can fall victim to a ransomware. By establishing strong security measures, you can keep your company out of the next ransomware headline.
Acknowledging the Threat
Dr. Kelley Misata, CEO & founder of Sightline Security, says it’s an exciting time for technology, with the proliferation of IoT and mobile devices. But she adds, “people aren’t realizing that by interacting with that technology, they are putting themselves at risk for a cyber security event to happen.”
Dr. Misata has dedicated her career to helping others understand cyber security and teaching them how to adopt best practices in their own lives. Because ransomware attackers look for the easiest target, she tells her clients that “it’s not just how they protect their businesses, it’s how they protect their lives, how they protect their customers, and how they protect those around them.” Ransomware doesn’t just sneak in through our work computers and business servers. If our mobile devices are vulnerable, attackers will break in that way.
First Step in Preventing Ransomware
The first step in preventing ransomware is knowing who it targets and how it sneaks in. Big businesses make headlines, but small and medium businesses are increasingly falling victim to ransomware. And more and more often, ransomware piggy backs on our personal devices to sneak into our business lives.
Taking all this together will help you to focus your efforts when you invest in cyber security.
Then stay tuned for Carbonite + Webroot’s episode 2 in our series on ransomware: The Rise of Ransomware.