In recent months, ransomware has been increasingly garnering headlines here and across the globe. If you’ve been keeping your head down and believe that it won’t happen to you or your business – now is a good time to think again.
Ransomware is generally spread using some form of social engineering, for example, where victims are tricked into downloading an email attachment or clicking a link that contains a virus, which in turn locks a user’s or company’s data. This is followed by a message from the hackers demanding payment to release the affected files.
Unfortunately, too often businesses don’t have the right protections in place and thus cough up the ransom.
As a result, ransomware has become a lucrative option for cyber extortionists, who are taking advantage of individual’s and business’ willingness to pay up and are making millions.
In fact, the FBI and security experts have warned that the total cost of damages is increasing exponentially and is set to hit US$1 billion in 2016 alone.
In recent months, ransomware has affected everyone from Australia Post and AGL customers, to Pokémon Go players and the Australian Federal Police. But while organisations of all types and sizes have been impacted, SMEs are particularly vulnerable.
Frequently, small business IT teams are stretched thin and, in some cases, rely on outdated technology due to budgetary constraints. This creates the perfect storm for ransomware vulnerability.
Our business, Datto, recently surveyed 100 managed service providers in Asia-Pacific, representing thousands of small businesses. A staggering 85 per cent reported that their SME customers had experienced a ransomware attack in the past 12 months.
According to the survey’s findings, businesses in the region are paying an average ransom of $11,781 to unlock files that are held ransom – a considerable expenditure for any small business with limited resources.
The statistics are clear. For SMEs it’s no longer a question of ‘if’ but ‘when’ ransomware will strike. Fortunately, there are measures you can take to protect your business against ransomware attacks.
1. Education, education, education
For one property management firm, it all started with a suspicious email. The email was so well-crafted, it bypassed the firm’s email security, DNS blocking service and anti-virus software. The user that received the email downloaded the attached zip file and the virus started encrypting files on the local and shared resources. The damage was done.
Again and again, I’ve dealt with businesses that have suffered a successful ransomware attack in which a lack of cyber security awareness among employees played a leading role. First and foremost, education is essential to protecting your business against ransomware. It is critical that your staff understand what ransomware is and the threats that it poses.
Provide your team with specific examples of suspicious emails with clear instructions on what to do if they encounter a potential ransomware lure: don’t open attachments and if you see something, say something.
According to a recent McAfee Labs report, researchers identified 1.3 million new ransomware samples in Q2 of 2016, meaning total ransomware has grown 128 per cent in the past year.
Just like the flu, ransomware is constantly evolving. Likewise, education is a continual process. Biannual formal training goes a long way in informing staff about new developments in ransomware.
When new employees join the team, make sure you send them an email to bring them up to date on cyber best practices. Another good way to stay on top of the latest threats, is to sign up to services such as the Australian Competitor and Consumer Commission’s Scamwatch and the Stay Smart Online Alert Service.
2. Layer cyber security solutions
There’s one thing that the cyber security world agrees on: there’s no one solution to our cyber security problems. It takes many technologies and processes to protect one’s business from ransomware.
Saying that, a good place to start is with antivirus software, which is designed to detect, block and remove viruses and malware. It’s then a matter of layering additional solutions on top.
A network firewall that monitors incoming and outgoing network traffic is essential. Cyber criminals design their attacks around vulnerabilities in popular software products, which makes patch management an important consideration for your business’ cyber security strategy, too.
Recent studies have shown that weak passwords are at the heart of the rise in cyber theft. To mitigate this risk, consider adopting a password management solution for all employees. Encrypting hard drives is also an important consideration and will ensure all data will be completely inaccessible, for example, if a laptop is stolen.
3. Invest in a backup solution
Critical to protecting your business from ransomware is ensuring that it could get back up and running quickly in the event of an attack, and remember, no business is immune.
Our survey found nearly half of SMEs experienced business-threatening downtime as a result of a ransomware attack. Data is the nucleus of today’s businesses. As such, taking frequent backups of your data is critical.
Today, most backup products are designed to make incremental backups of your data throughout the day to minimise data loss if something did happen. Having a backup solution in place means that if your business is breached, systems can be rolled back to a point in time before the breach occurred – saving your business critical data and, not to mention, a hard day’s work!
With a backup solution, you won’t have to pay hackers ransom to get critical data back. In addition, your business won’t experience significant downtime.
In the case of an Adelaide accounting firm, having an effective backup solution in place saved the firm $150,000 in 15 minutes. Cyber criminals tricked a staff member into opening an AGL-branded scam email that generated a screen demanding thousands of dollars, while simultaneously encrypting all their files. Fortunately, while hoping to never need it, the accounting firm had bought a backup appliance that enabled them to roll back their systems to a point before the attack in a matter of minutes. The accounting firm didn’t have to pay the ransom, and with an almost instant restore, avoided costs from downtime.
Ultimately, ransomware threats will continue. Developing a robust, multi-layered cyber security strategy can save a business. Education, the right cyber security solutions and having a backup system in place go a long way.
James Bergl is the regional director, Australia and New Zealand, at Datto.