Why Ignoring the Threat of Ransomware Could Cost You Your Business
You’ve been reading about it – hearing about it and now you’re wondering if you should be doing more to protect your data against ransomware.
The short answer is yes, and the sooner the better.
You should be doing everything possible to protect your data because the threat of ransomware is real, prevalent, and very much on the increase. And the fallout is devastating.
Let’s take a look at some facts. How prevalent are malicious attacks?
Datto, the leading provider of total data protection solutions around the world surveyed more than 1,000 IT service providers in the US and internationally. Their State of the Channel Ransomware Report[1] (2016) represented hundreds of thousands of small businesses and revealed that an incredible 91% of respondents said their clients were victims of ransomware in the previous 12 months.
91%. That’s huge!
Huge, and devastating. The cost of damages to small and medium size businesses in the US alone was $75 billion. Downtime as a result of lost data cost businesses more than $8500 per hour.[2]
In addition to the internal financial costs and the damage to the affected businesses reputation, SOPHOS Group, Security Software and Hardware Company reports that 60% of small firms go out of business within six months of a data breach.
By the end of 2016, the FBI estimates businesses will make ransomware payouts of more than one billion dollars. Small business owners are so desperate to get their data back they will call their IT service provider right away. If the IT provider cannot restore the lost data, the small business has little choice but to pay out the ransom and hope to get their data back. Unfortunately, less than 1 in 4 of these cyber incidents are reported to authorities.
It’s important to know how attackers infiltrate your system so you can prevent their entrance. Three of the most common “gateways” to your company’s data are the following:
Email phishing
With social engineering guiding the way, email phishing has become sophisticated and highly effective. Primary targets are the end users, your employees, especially those working within medical, legal, educational, banking institutions, and major retail, and construction companies. It’s not enough to say, don’t open attachments that look like___, because the phishing attempt can be disguised as a message from a colleague in the next office, a family member, or a vendor your company uses all the time.
Drive by Downloads
These infections happen when visiting a website with unpatched third party applications that have not yet been caught by the software vendor. They have, however, often been found and exploited by attackers who then use these weak point to infect the computers of anyone unlucky enough to open the link. There is usually a period of time, called (Zero-day), before the software vendor notices the breach and produces a patch. By then it’s often too late for many unsuspecting computer users.
Free Software Vectors
End users often download tantalizing free games, images, online game modifications, adult content, or attractive screensavers that are frequently infected with malicious malware.
Working remotely (on the road, or from home) also increases the chances of an employee encountering and opening a malicious email attachment or a website link, using an infected flash drive, or even by backing up an infected android phone on a computer.
What can you do to prevent a ransomware attack?
The following solutions are critical to keeping your data secure:
Your first line of defense is employee security awareness training:
- Training should be carried out on a regular basis. Employees should be notified as soon as new socially engineered strategies emerge. No employee wants to be the source of accessing malicious malware, but ingenious attackers, intent on getting at your files, can trick them. Include a simulated test-phishing attempt each month.
- Protection and detection includes software based systems such as: Sophos XG Firewall Security Heartbeat™ and Sophos Intercept X featuring CryptoGuard, which prevents the malicious spontaneous encryption of data by all forms of ransomware. And once ransomware gets intercepted, CryptoGuard reverts your files back to their safe states.
- Business Continuity. Your backup and disaster recovery plan:Whether your business has been hit by a malicious malware attack or a natural disaster, your company files can be restored entirely and quickly if you have an effective business continuity plan.
We firmly believe we have the best backup and disaster recovery tools on the planet and we are confident we can ensure that your business continues to operate in the event of a local disaster. Our partnership with companies like Datto, and SOPHOS helps us deliver a solution for backup and disaster recovery, local and hybrid cloud continuity, network security and most importantly, your peace of mind.
Our partnership with manufacturers of the best security products in the industry allows us to stop viruses such as Cryptolocker, Locky, and a host of others from crippling your business.
For our clients, ransomware is no longer a business-threatening situation, merely an unpleasant inconvenience.
Don’t ignore ransomware; protect your business!
[1] Datto.com: State of the Channel Ransomware Report – http://www.datto.com/resources/state-of-ransomware-report-2016
[2] Channelpartnersonline.com: Datto Drops Channel-Focused Ransomware Study – http://www.channelpartnersonline.com/news/2016/09/datto-drops-channel-focused-ransomware-study.aspx