Ransomware is a type of malicious software/malware that demands you to pay a ransom to regain access to your computer or files. This is the fastest-growing type of cybercrime. The latest prediction is that global ransomware damage costs will reach $20 billion by 2022, which is 57X more than it was in 2015.
In the past, it was much easier to target large corporations because criminals could ask for more money and it was usually paid. But as these corporations got smarter and started investing heavily into cybersecurity, the target shifted to smaller businesses. About 50% to 70% of all ransomware attacks in the U.S. are targeting small to medium-sized businesses. Unfortunately, most of them don’t have the funds to stay afloat after an attack, and about 60% fold within 6 months.
There are 7 main types of ransomware:
1. Crypto Malware - Encrypts your data and files and asks you to pay them in bitcoin to undo the damages.
2. Lockers - Completely locks you out of your operating system.
3. Scareware - Acts as a fake anti-virus and can flood your computer with annoying pop-ups.
4. Doxware - Threatens to publish your private information online if you don’t pay the ransom.
5. RaaS - Works the same as SaaS, where the developer leases the product. This gives everyday people with little tech knowledge the ability to perform ransomware attacks.
6. Mac Ransomware - Malicious software specifically for Mac OS.
7. Ransomware on Mobile Devices - Most likely downloaded through an app, will lock you out of your phone.
If you own a device like a computer, tablet, or phone, you’ve most likely been targeted for a ransomware attack. The best way to avoid exposure to ransomware is by educating yourself on where they come from and what they look like, therefore you’re able to identify them before it’s too late.
- Keep all of your systems and devices up to date.
- Back up your data regularly so in the event of an attack, you’re able to shut down the endpoint and prevent further spreading.
- Enable multi-factor authentication.
- Set up anti-virus software that will automatically update.
- Educate and train your employees on phishing and other schemes.
- Avoid suspicious links and questionable sites.
- Protect your network with a well-managed firewall and keep an eye on any suspicious activity.
- Implement a filtering system that will block all malicious attachments, emails, and other downloads.
- Limiting the number of administrative privileges given to employees.
- Get with a specialist to create a backup and continuity plan.
- Alert Your MSP - If you have an IT team, which you should, make sure they are aware of the attack.
- Quarantine Affected Machine - Isolate the infected devices, disconnect from the network and turn them off.
- Remove Malware and Identify Security Weaknesses - Diagnose the problem and fix it to prevent future attacks.
- Inform Employees and Customers - Inform employees first, have them change passwords, then tell clients in case of downtime or stolen files.
- Contact Your Insurance Agent - If you have cyber liability insurance, call your agent.
- Plan Your Response - You can either regain, restore, or abandon the data. You can also pay the ransom.
- Think Twice Before Paying Up - By paying, you tell the hacker that extortion works which can cause more problems later on. They also may keep your files and ask for more money.
During an attack, you are not only losing money from paying the ransom but also from the downtime, damaged reputation, and lawsuits from any kind of data leak. So while the actual ransom payment may be “doable”, the other contributing factors can be devastating.
Create a Cybersecurity Plan
Cyberattacks are inevitable, however, there are ways to prevent the amount and severity of these attacks. By creating a thorough and secure IT plan for your business, you’ll be able to minimize the damages and recover quickly. Systemverse has an array of solutions, including anti-spam/anti-virus software, regular backups, and offsite disaster recovery that can help any business survive a ransomware attack. Email [email protected] to get started!