MENU
Business.com aims to help business owners make informed decisions to support and grow their companies. We research and recommend products and services suitable for various business types, investing thousands of hours each year in this process.
As a business, we need to generate revenue to sustain our content. We have financial relationships with some companies we cover, earning commissions when readers purchase from our partners or share information about their needs. These relationships do not dictate our advice and recommendations. Our editorial team independently evaluates and recommends products and services based on their research and expertise. Learn more about our process and partners here.
Ransomware can hit businesses of any size. Here’s how to keep your enterprise safe.
Cybercriminals regularly target small and medium-sized businesses (SMBs) with ransomware attacks. If they get it, they can lock you out of your computer system and data. They may threaten to crash your system, wipe your records or threaten to release your private data if you don’t pay up. The average initial ransomware demand is $600,000, according to the Arctic Wolf Labs Threat Report.
In this article, find out what ransomware is, which companies are most at risk and the impact an attack can have on a small business. Finally, learn ways to prevent and manage ransomware attacks.
Ransomware is a form of malware that, once installed on a computer, locks up access to your hard drive until you pay a ransom. Victims see an on-screen message alerting them the computer has been locked or the data encrypted. They are told to pay a specific ransom to regain access to their systems. Usually, the payment is required in bitcoin, a popular cryptocurrency, which complicates the situation further.
The cost to get your data back varies depending on the target. A private individual may be required to pay $500 while a company might have to pay $500,000. Businesses are the main targets but not the only ones ― ransomware has wreaked havoc on supply chains, utilities and schools.
Ransomware has grown in popularity over recent years as cybercriminals have become more sophisticated. With victims willing to pay, cybercriminals have all the incentive they need to deploy ransomware aggressively.
“As with any industry, it is a supply and demand business,” said Daniel Clayton, vice president of cybersecurity operations at Expel. “If we continue to pay ransomware, we will continue to be attacked. It’s not unusual to see a company get hit once and then again, sometimes by the same group.”
There are several ways hackers can pull off a ransomware attack. Cybercriminals obtain access to a business’s computer network via phishing emails that contain malicious links or attachments. These emails aim to trick users into visiting websites that download the malware behind the scenes. Then, the malware gets ahold of employees’ credentials for a company network. Instant messaging apps on social media can also spread malware.
“The main ways they come in is through phishing emails or clicking on a link,” said Raj Samani, senior vice president at cloud cybersecurity platform, Rapid7. “Some of the big game hunters and even lower operators are looking for a chink in the armor.”
In the past, hackers targeted specific companies with ransomware, but that, too, has changed. Now their strategy is volume. “The groups going after the big game are quite small in number as opposed to the volume attacks. There are millions of them, which impact everybody,” said Samani.
Ransomware attack type | Method to get in |
---|---|
Email phishing | Victims receive an email with a link or file that contains malicious code. Once they click the link or file, the malware is deployed. |
RDP weaknesses | Hackers use brute-force attacks to get into a company’s network through the remote desktop protocol or they purchase network access. Once in, they unleash ransomware. |
Software holes | Hackers exploit vulnerabilities in the network’s software. |
Ransomware comes in many flavors, but the end goal is usually to make money. Hackers use some of the following tactics to achieve success:
From a criminal’s point of view, there is a lot of value in targeting SMBs. Small businesses often lack the technical and financial resources required to defend themselves properly. That’s because they often work with outdated and unpatched software and their staff typically aren’t trained on how to spot a potential cyberattack.
SMBs are also less likely to diligently and regularly back up their data. If their data is wiped, they may be forced out of business. Larger firms are more likely to back up their data so, although a ransomware attack is still serious, the threat of hackers wiping their company’s data is not an existential threat.
Broadening out from SMBs, certain types of business come under attack more than others. Key targets include:
“Ransomware is that category where they are targeting companies big and small,” Clayton said. “Unfortunately, it’s something everyone should be concerned about.”
“It can have a devastating effect on small business owners who don’t have the funds for security equipment or cybersecurity insurance for if and when they have a ransomware issue,” Jen Miller-Osborn, special projects technical liaison at NetWitness, told business.com. “They can be in a tough spot if they don’t have the money to pay for ransomware or the technical capabilities to restore their data.”
The impacts of ransomware vary depending on the cost associated with recovering your data or unlocking your network. The major negative impacts of ransomware are:
Ransomware isn’t completely avoidable, but there are steps you can take to reduce the likelihood you’ll be a victim. Here are four steps you can take to help prevent ransomware attacks.
The longer it takes to recover your data, the longer your business isn’t operational. But if you already have a data recovery and continuity plan in place, you can better manage a ransomware attack. That is why a cybersecurity risk assessment goes a long way in prevention.
“Ask yourself if my systems were no longer accessible could my business continue to run,” Samani said. If the answer is no, it’s time to plan for the unthinkable.
Educating employees on how to stay safe online is extremely important, particularly if you offer remote access to employees working from home or outside the office. Clicking on a phishing link in an email or visiting a questionable website are still common ways to infect a network, which is why employees need to know what to be on the lookout for. It’s also important to require strong passwords and multifactor authentication when logging in to the network. Miller-Osborn said conducting phishing tests of your staff periodically won’t break the bank and will help identify any areas where further training is necessary.
Ransomware attackers treat their operations as a business, focusing on targets that are easy to infiltrate. As a result, Clayton said one of the best defenses is making your company too expensive for hackers to attack. That means keeping systems up to date and patched, ensuring antivirus and antimalware software are set to update and run scans automatically and backing up your data regularly. It also means putting in place a business continuity plan if your data is held for ransom.
“You want the attackers to have to jump through as many hoops as possible,” Clayton said.
Many leading insurance companies offer what is known as small businesses cyber insurance. For under $2,000 per year, you can get protection from ransomware and other attacks. That is the case with many of the best insurance providers. Consider the providers below:
Despite your best efforts, you may still fall victim to ransomware. It is possible to remove ransomware from your system and restore everything to how it was before the attack. However, it’s quite complicated so you might want to call in an IT expert to help you.
To remove ransomware from your network and then recover your data and systems, you or your IT expert will need to take the following steps:
You should alert your customers, investors and other critical constituents about the breach. They have a right to know, and you don’t want them to sue you for sitting on an attack. The more forthcoming and transparent you are, the more your clients will trust you.
Ransomware is scary and costly, but it doesn’t have to mean the end of your business. If you follow the above tips and back up your data on a regular basis, you should be able to survive a ransomware attack.
Donna Fuscaldo contributed to this article. Source interviews were conducted for a previous version of this article.