Is Your Business A Ransomware Target?
Touch wood, but we’re pleased to announce that none of our clients has been the victim of ransomware. Along with everybody else, they have been the target but not a victim.
To answer the title question: yes, your business is a target from hackers using ransomware, but then again, so is your gran (or elderly parent depending on your age).
The fact of the matter is that most hackers are not particular about whom they target. This is, at least, true for cybercriminals that don’t have crack skills to steal with stealth. They are most probably using the tools and tactics shown to them in Hacker as a Service kit available on the black web.
ZDNet reports the three most targeted industries are banking, retail and utilities. However, cybersecurity experts warn that in the digital age, no business is safe from the threat of ransomware.
Accomplished hackers target big paydays from corporations. They’re the data breaches that hit the headlines. What goes underreported in the media is the large number of SME’s that are breached each day.
In the UK, it is estimated that, on average, 65,000 cyber attacks captured in a 24-hour period, targeted SMEs. The most attacks in any one day were as high as 359,000.
Bad actors go after SMEs because they are generally an easier target. One study found that 32% of SME’s in the UK do not have a cybersecurity strategy and 48% of executive managers said their staff have not been given cybersecurity awareness training.
Like I said, easy targets.
What are the types of ransomware?
I imagine you’re already familiar with ransomware, but just to clarify, ransomware is a strategy in which cyber criminals release malware onto a target network that has malicious code. The consequences of a ransomware attack are:
- Locker ransomware: this malware locks you out of the system so nobody can access files until you pay the hacker a ransom to release your files. This is the classic ransomware attack, hence the name.
- Crypto ransomware: encrypts data so that it cannot be accessed without a unique decryption key. You have to decide whether the hacker actually have a key or are they bluffing.
The good news for SMEs is that ransomware attacks can be prevented. Or at the very least, significantly reduced. The only bad actors that can navigate their way past today’s security defences are the top hackers – and most of those work for state governments and international corporations. They don’t have that much interest in small businesses.
How to Identify Ransomware Threats and Infections
Ransomware is typically sent via email – a cybercrime technique known as phishing. Again, you probably know that, but I’m just checking. The malware that contains the malicious code is embedded in an attachment or downloaded from a website.
These types of social engineering attacks rely on the attachment being opened or the link being clicked to execute the download. Identifying suspicious emails is key to preventing cyber criminals from accessing your network.
Installing anti-virus software and ensuring all your apps, plugins and operating system is up-to-date is a given. Whilst anti-malware technologies are excellent, they only detect “known malicious codes”.
New codes will not be detected by technology. However, there are some tell-tale signs you can look out for.
Ransomware scans networks looking for large file locations that are most likely to store sensitive data. During this process, you will experience an unusual slowdown on your network.
Whilst a system slowdown can occur for a number of reasons, mark it down as suspicious activity that should be investigated for a potential cyberattack. In any case, a system slowdown can indicate a larger problem that will need attending sooner rather than later.
Suspicious File Extensions
The goal of malware is to corrupt the integrity of your files so it can access them. It does this by changing the name of the files.
If you notice suspicious file extensions on file names or locations (i.e other than common extensions such as .doc. pdf, etc) the chances are that your network is infected with a virus that could potentially be ransomware.
Common ransomware extensions include ecc, .ezz, .crytped or .cryptor.
Can’t Access Data
When a network is compromised with ransomware, the virus deletes or relocates files and folders, or encrypts data. When files are encrypted, you will not be able to access files.
If your employees have an issue where they cannot find or open a file they previously had access to, the incident should be immediately reported to your appointed data controller.
The most obvious indicator that identifies ransomware is when the attack happens. The first sign will be an explicit message on the screen of an infected computer informing you that your business files have been compromised and that you must pay a specified amount in a certain timeframe to have them released.
The Cost of a Ransomware Attack
It’s not possible to quantify the cost of a ransomware attack because it will be different for everyone. A Sophos survey last year revealed the average fee paid for a ransomware attack is $170, 404.
The highest payout among the firms surveyed was $3.2 million. The most common ransom was $10,000.
On top of the ransomware fee, you will also have to pay a penalty dished out by GDPR administrators for a data breach, potential legal costs together with the fees involved in investigating how the data breach occurred and installing appropriate defences so it doesn’t happen again.
IT Support Consultancy
Cybersecurity is a fairly new discipline within the IT field. If you don’t have a great deal of prior experience dealing with cybersecurity technologies and strategies, securing your business network can be a minefield. You may be able to lay some traps, but clever hackers will find a way through.
To ensure your business network has the best cybersecurity defences possible, speak to our IT experts in Surrey. We also cover IT support in London, Kent and all across the UK.
There’s little doubt that ransomware is a problem that needs addressing – regardless of the size of your business. Your obligation to protect the privacy of your clients data has to be a priority – and you also owe it to your employees to protect the continuity of your business.