Data handled by businesses of all sizes has value in the eyes of hackers, and they’ll use any method they can think of to get their hands on it.
Ransomware is the fastest-growing cyberthreat
and it’s essential for your business to have protections in place against the newest forms of this infectious malware.
Ransomware attacks systems and spreads through networks, locking down data access and putting daily business tasks at a standstill while hackers demand payment in exchange for a decryption key. Both enterprises and small companies are at risk for these attacks. As a business owner, it’s up to you to take every step possible to ensure your proprietary information and customer data is as safe as possible.
Ransomware in the News
Some of the biggest ransomware attacks in history have occurred in the recent past and dominated the news as they spread across the globe.
Affecting more than 400,000 computers in 150 countries around the world, the WannaCry attack spread using a vulnerability in Windows programming known as EternalBlue. Hackers gained knowledge of the exploit from a U.S. National Security Agency leak, allowing them to launch a crypto worm able to propagate itself throughout computer systems.
The Petya attack affected computers in Europe, the U.K. and the U.S., but the brunt of the attack was felt in the Ukraine and Russia. Petya started out as ransomware capable of triggering a system restart and installing itself as the machine booted up, but a second version dubbed “NotPetya” used the same EternalBlue exploit as WannaCry.
Only 47 percent of those who met the hackers’ ransom demands during the attacks actually received a decryption key to regain access to their data.
This variation of Petya is part of a collection of new strains of ransomware not always recognized by standard malware software. Affecting about 50,000 computers in the U.S. and organizations throughout Russian and Eastern Europe, Bad Rabbit spreads using a “drive-by” attack designed to install malicious software via infected scripts on otherwise legitimate websites. Users are presented with a popup prompting them to download an update for Adobe Flash, but the installation instead delivers malicious code with the potential to spread across networks without any additional outside actions.
About 100,000 computers around the world have been affected by the Osiris variant on the Locky crypto virus. Osiris spreads through spam emails appearing to contain receipts from purchases, prompting users to download infected PDF files. Ransomware is installed when the files are opened, infecting local devices and putting entire networks at risk.
The global cost of attacks like these in 2017 was $5 billion, and the rapid growth of ransomware could drive the impact up to as much as $11.5 billion by 2019. Every attack results in loss of time, profit and consumer trust and can leave business owners with an expensive and frustrating mess. It takes about 33 employee hours and around $300 per infected machine to recover from a ransomware attack, and the damage done to a company’s reputation can linger for years.
Is Ransomware as Dangerous as People Say It Is?
Although the ransomware attacks hitting the headlines are often those targeting enterprises and large corporations on a global scale, small businesses are also fair game for hackers. If your company collects, handles and stores data hackers see as valuable, you’re at risk for a ransomware attack.
The Ransomware Statistics You Need to Know
The continuing spread of ransomware means new attacks are now occurring an average of once every 10 seconds, an increase of 2,000 percent since 2015. Attacks in the business sector increased four percent during 2017, and a Cisco report from the same year shows overall ransomware activity has grown 350 percent every year in the recent past.
Additional statistics highlight the trend toward an increase in the use of ransomware:
- In 2017, 60 percent of all malware attacks involved ransomware
- Attacks against businesses tripled in 2016 from one every 2 minutes to one every 40 seconds
- Attacks increased 229 percent in the first few months of 2018
Small business owners need to pay attention to these numbers, especially since 58 percent of cyberattacks were directed at smaller companies as of 2018.
In 2017, 61 percent of small businesses reported falling victim to various cyberattacks, including ransomware.
Compromised Email, Phishing and Ransomware
About 94 percent of ransomware attacks originate from phishing schemes, in which apparently legitimate emails containing malicious links or attachments are used to deploy malware. Once a machine is infected, many forms of ransomware are able to travel throughout the network to which it’s linked, causing widespread shutdowns within organizations.
Another method of extortion now becoming popular among hackers involves gaining access to corporate email information, creating slight variations on legitimate accounts and sending emails to employees. This is known as business email compromise (BEC), or “man-in-the-email” attacks, these schemes are on the rise and could do as much as $9 billion in damage in 2018.
Hackers use BEC to send fake invoices or request money transfers, relying on the same social engineering tactics characteristic of traditional phishing schemes. Thinking the requests have come from corporate offices, employees unwittingly give away money and information to malicious third parties and compromise entire networks in the process.
How You Can Protect Yourself from Future Attacks
Ransomware is expected to continue to be a popular form of attack in 2018. If your systems aren’t already protected, it’s time to implement a solution to prevent hackers from holding your data hostage.
A New Generation of Data Protection
Acronis Active Protection integrates with your current anti-malware platform to safeguard all your data, including backups, against ransomware attacks. Unlike most anti-malware programs, Active Protection doesn’t rely on a database of known threats to determine whether your systems have been compromised. Instead, it tracks patterns in the way data changes from moment to moment, learning what’s normal and what signals a threat. Whitelisted and blacklisted programs are updated based on these patterns to prevent bottlenecks and ensure malicious activity is stopped before damage can be done.
This unique approach to detecting ransomware makes Active Protection a reliable long-term solution. New threats, including attacks on backed up files and small malicious changes to files, show up as data patterns are monitored, and the program is able to actively stop threats and restore locked data should a hacker manage to gain access using any method.
Keeping Your Data Safe: A Checklist for Small Businesses
In addition to investing in anti-ransomware protection, you can prevent hackers from locking down your data by:
- Automatically updating all programs and systems
- Performing routine redundant backups
- Regularly testing all backups
- Educating staff members about common phishing tactics
- Routinely evaluating and adjusting user permissions
- Creating and reinforcing a clear bring-your-own-device (BYOD) policy
If you’re concerned about security loopholes, have a professional security audit conducted to reveal weaknesses in your current protections. Follow any suggestions given to strengthen systems against future attacks.
Putting a comprehensive anti-malware and anti-ransomware solution in place is the best thing you can do to protect your small business from the extortion schemes of hackers. With Acronis Active Protection as part of your defense system, you can run your business knowing data is being monitored and network activities are actively watched. Should a breach occur, you’ll have the tools in place to stop the hackers in their tracks and restore your data as quickly as possible.
Doing business in an era when data collection is at an all-time high means breaches do happen, and ransomware attacks can be both extensive and costly. Protect your data with a suite of powerful programs and let Acronis handle prevention and restoration so that your business can continue to run without interruption.
To learn more about Ransomware, check out our previous blogs:
The incidence of ransomware attacks increased 36 percent in 2017, and global damage is expected to exceed $11.5 billion by 2019. Projections for the same year show attacks could be as [...]