The Ransomware Risk Mid-Market Companies Don’t Know They’re Facing
Mid-market companies aren’t just victims of cyber crime, they’re the primary target. PropertyCasualty360 even reports that 62 percent of all cyber attacks are against small and mid-sized businesses.
The main reason is that they tend to be easier targets when compared to larger organisations. They often lack the security framework needed to combat sophisticated, modern cyber criminals, and this leaves them susceptible. With technology-driven initiatives such as the Internet of Things (IoT) and big data becoming the norm, this greatly increases the attack surface.
What’s startling is the threat that cyber crime poses for mid-market companies. The US Securities and Exchange Commission explains that cyber crime creates an existential threat considering that roughly half of these companies are forced to go out of business within six months after being hit.
The financial damages along with the blow to a company’s reputation can be irreparable, which often creates a downward spiral that ultimately leads to their undoing.
While there are a variety of threats that mid-market companies face, ransomware is one of the most common.
A Massive Spike
At its core, ransomware is digital extortion. Cyber criminals encrypt an organisation’s data and demand payment in order for their data to be recovered. With modern forms of cryptocurrency like Bitcoin providing a means for obtaining payment while offering relative anonymity, we’re seeing a dramatic rise in the prevalence of ransomware.
Newsweek explains that there was a 250 percent increase in ransomware during the first few months of 2017. More specifically, the number of ransomware files grew from 61,832 in Q4 of 2016 to a staggering 218,625 in Q1 of 2017.
A big part of this is due to the widespread use of mobile devices. Although computers solely fell prey in the past, we’re now seeing mobile devices being targeted more and more.
In terms of the costs stemming from ransomware, experts predict that they will exceed $5 billion by the end of 2017.
The Rise of RaaS
Another contributing factor that’s adding to this upswing is ransomware as a service (RaaS). Forbes explains that cyber criminals develop malicious code and make it available for others to download and use even with minimal programming knowledge. It’s offered either for free or for a minimal fee, and the cyber criminals who authored the code will take a cut of the earnings.
Adding to the incentive for ransomware attacks even more is the quick payout. Rather than using other forms of cyber crime that involve stealing sensitive data that may take time to reap a financial reward, ransomware enables fast exploitation and payment. This makes it very appealing for underhanded individuals trying to obtain payment through unscrupulous means.
Securelist points out that this type of extortion model is seeing stable growth and is likely here to stay. We’re seeing ransomware evolving from being quite chaotic to being much more steady and executed at a higher volume. It requires less time, resources and skills – even individuals with only a base coding and programming knowledge are able to use ransomware for financial gain.
Therefore, it’s unlikely to diminish any time soon. The stakes are high, and companies need to be on notice.
A Lack of Preparedness
But there’s a problem. The average mid-market company isn’t prepared to deal with ransomware attacks.
Some of the most common reasons for this lack of preparedness include the following:
- Limited knowledge of the frequency and severity of ransomware (they don’t take the threat seriously and think they’re immune)
- Limited resources/cash flow to invest into proper cyber security systems
- Lacking a dedicated team to protect their digital assets
- Failing to possess the technical expertise needed to combat attacks
Furthermore, many mid-sized companies lack a formal response plan and wouldn’t know which steps to take in the event that they were hit. This basically makes them sitting ducks.
The scary thing is that cyber criminals are fully aware of this fact. Rather than targeting larger enterprises with more robust digital security, it’s usually easier to go after mid-market companies. It’s simply the path of least resistance.
What Can You Do?
So we’ve established that cyber attacks are an extremely pervasive problem, and ransomware in particular can bring mid-sized companies to their knees.
But what can you do about it?
Fortunately, ransomware isn’t something that you have to take lying down, and there are several types of preventative measures you can take to mitigate your risk. Let’s start from the top.
Raconteur talks about the correlation between a lack of human knowledge and a rise in security concerns. They reference IBM’s Cyber Security Intelligence Index and point out that nearly all (95 percent) of security breaches involve at least some degree of human error.
This means one thing – educating your team is pound-for-pound the best thing can do. The more knowledgeable your employees are, the less likely you are to get hit with a disastrous ransomware attack.
One of the most common attack vectors is links and attachments sent through email. This is where phishing emails deliver ransomware where a staff member unknowingly clicks on a link or attachment thinking that it’s from valid source. However, they’ll quickly find out that it’s not, and their device is infected.
It’s smart to provide comprehensive education on phishing so that your team knows how to identify a valid email from a trusted source vs. a questionable one with malicious intent. You may even want to use an anti-phishing simulator so that they can practice in a real-world environment.
Perform Consistent Backups
If a cyber criminal executes an attack and encrypts your data, you’re in trouble. But if you can restore your system and clean it up, you should be able to recover. This allows you to access your data from a previous point in time prior to the attack. As a result, you’ll regain most if not all of your lost documents from backup and will have your digital assets back up and running relatively quickly.
However, it’s important to note that cyber criminals are more sophisticated than ever, and some forms of ransomware will be able to lock you out from a system restore. Therefore, a conventional backup may not always work.
That’s why you may want to consider using advanced data backup and recovery services.
This technique involves using an authorised attempt to gain entry to your company’s data assets. This is important because you’re better able to identify flaws or vulnerabilities that could compromise security. In turn, steps can be taken to resolve those issues and greatly enhance your security.
Penetration testing is at the heart of being proactive with your organisation’s cyber security and can play an integral role in keeping you safe from ransomware. While it’s not necessarily a be-all end-all solution, it will definitely provide you with a greater sense of confidence. This is important for maintaining the edge in the never-ending cat-and-mouse game that is cyber security.
Business Continuity Planning
Employee education, backups and penetration testing are all incredibly beneficial and will go a long way in safeguarding your company’s data. However, they’re not foolproof.
Unfortunately, there simply isn’t a magic bullet that will stop 100 percent of ransomware attacks. It’s just not realistic.
But there is a way to ensure that your business stays up and running with minimal downtime, and that’s creating a business continuity plan. This involves four key steps:
- Business impact analysis
- Recovery strategies
- Plan development
The purpose is simple. You identify core business functions along with the resources that support them and develop an effective strategy that allows you to restore them in the shortest amount of time possible.
This can be a godsend for modern businesses. Even in a worst case scenario, you’ll have a means of restoring operations with minimal setbacks.
It’s also important to mention that business continuity planning transcends just ransomware and can protect your company from other scenarios such as natural disasters, network outages, etc.
This is crucial considering that 91 percent of data centres experienced at least one unplanned outage within the last two years.
Facing the Threat Head-On
When it comes to ransomware, what you don’t know can hurt you. Unfortunately, this is something that all too many mid-market companies learn the hard way.
While initiatives like digital transformation do have benefits in terms of organisational efficiency and increased productivity, they do create a larger attack surface that’s easier for cyber criminals to exploit.
One of primary concerns for mid-sized companies in 2017 and beyond is ransomware. With attacks becoming increasingly easier to execute and more lucrative, this isn’t a problem that will be going away anytime soon.
Therefore, it’s critical that organisations take the necessary precautions to prevent an attack. This ensures that your company is fully equipped to handle whatever happens to get thrown your way and reduces your likelihood of becoming another statistic.
How prepared do you feel your company is for a ransomware attack? Please share your thoughts: