Most small and medium business (SMB) owners do not yet realize the level of threat and potentially devastating results associated with ransomware.
Ransomware is literally the act of somebody holding your data, software, PC or computer system hostage until you pay them a ransom to get it back. What happens is that you suddenly have no access to a program or file and a screen appears announcing your files are encrypted and that you need to pay (usually in bitcoins) to regain access.
Recent studies that explored the frequency, impact, cost and other factors associated with ransomware attacks in the SMB arena showed more than one-third of businesses have experienced a ransomware attack in the last year. For roughly one in six impacted organizations, a ransomware infection caused more than 20 hours of downtime, with some organizations reporting an outage of more than 100 hours.
SMBs tend to most frequently get infected with ransomware via phishing emails (either in an attachment or a link) and shared USB drives.
Several steps can help minimizing the risk of getting ransomware, including staff education and awareness. Train your staff to be cautious of suspicious messages and files, even if they come from a trusted source.
Ransomware also most frequently infects computers running older operating systems (i.e. Windows XP) that Microsoft no longer supports or updates. By upgrading to a newer, completely supported operating system (i.e. Windows 10), an ongoing stream of updates respond proactively to new security threats.
Work with a reputable Managed Service Provider (MSP). For a fraction of the cost of a full-time employee, SMBs can outsource network support and avail themselves of the latest endpoint monitoring tools, data back-up and recovery solutions and a full team of people available to fully support their computer system.
Here are some ransomware tips for SMBs and their customers to provide some level of protection against cyber-attacks:
- Always keep your security software up to date, since new ransomware variants appear on a regular basis.
- Keep your operating system and other software updated – Software updates usually include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers.
- Be wary of unexpected emails, especially the ones containing links and/or attachments.
- Backing up important data is essential, it is the single most effective way of combating ransomware infection. In case of cyber-attack, if company has backup copies, its files can be restored once the infection has been cleaned up. However, organizations should ensure that backups are appropriately protected or stored offline so that attackers can’t delete them.
- Using cloud services could help mitigate ransomware infection.