Every security vendor and his dog have jumped on the recent WannaCry and Petya variant ransomware attacks as a business opportunity. It’s easy to be cynical about these events being used as marketing opportunities, but the truth is that the sheer scale of the attacks brings cyber security into sharp focus worldwide, crystallising a global laissez-faire attitude toward security measures.
Affecting 10,000 organisations in more than 150 countries, WannaCry provided a glimpse of the future of cyber attacks, and highlighted just how vulnerable businesses have become to malware, which seizes a victim’s data and encrypts it until a ransom is paid.
Savvy cybercriminals realise that, collectively, SMEs are a profitable target as they are more likely to pay moderate ransom sums. We recently surveyed*one hundred IT service providers in Australia, New Zealand, Singapore, Malaysia and Philippines about the current state of ransomware. Eighty-five per cent of the MSPs surveyed reported that their customers had experienced a ransomware attack in the past 12 months – a number that is set to rise.
The majority of SMEs do not have the expertise to defend against sophisticated cyber attacks, nor do they have the resources to cope with the cost of downtime, so paying a ransom often seems like the lesser of two evils. The average ransom is usually several hundred dollars – an amount that many SMEs accept as a cost of doing business in the digital age. However, there’s no “honour among thieves.” A recent Telstra report** found nearly one in three organisations that paid a ransom never recovered their hijacked files.
Overall, we can agree that businesses need reliable security and business continuity measures if they want to avoid paying a ransom and ensure there is minimal (if any) business threatening downtime when (not if) they are subject to a ransomware attack. However, many business owners are complacent when it comes to stringent security, and don’t realise that they really need to batten down the hatches.
Frontline defences such as firewalls and antivirus software are critical but not watertight, and therefore not sufficient to mitigate ransomware. A multi-layered approach to cybersecurity that also incorporates education and backup is the best way to both reduce the likelihood of a ransomware attack and ensure business continuity.
Educating your employees about the red flags of phishing emails and how to avoid questionable downloads is essential, given that most ransomware is delivered using some form of social engineering. Cyber criminals will target unsuspecting victims with what appear to be legitimate messages, tricking people into clicking on a link that will execute a ransomware file.
Backup is a failsafe measure to ensure both paying a ransom and the costly downtime associated with a ransomware attack can be avoided. If SMEs take system snapshots at regular intervals, the system can be restored to the most recent “healthy” recovery point before the ransomware executed, getting their business up and running again instantaneously.
The recent WannaCry and Petya variant attacks have demonstrated how quickly and easily ransomware can cause havoc on a global scale. Unfortunately, small businesses are a prime target for cyber criminals, and now is the time to prepare your security defences against this growing threat.
* https://www.datto.com/resources/dattos-state-of-the-channel-apac-ransomware-report
** https://www.telstra.com.au/content/dam/tcom/business-enterprise/campaigns/pdf/cyber-security-whitepaper.pdf
James Bergl, Regional Director – ANZ, Datto
