Ransomware continues to be a rampant worldwide cyber threat, and with new strains created every day, there are no signs it will slow down. The potential to fall victim to cyber extortion is high, with no business, industry, device, or operating system safe from ransomware. The good news is everyone can be prepared for it.
Given the stories about well-known, international companies in the headlines, many small business owners fall into the trap of thinking, “Why would they target me?”. In reality, SMEs are more likely to pay moderate ransoms, as they are less likely to have adequate protection. Cybercriminals know that SMEs collectively present a highly lucrative target.
Datto’s latest Ransomware Report, which surveyed 1700 managed service providers (MSPs) who work with 100,000 SMEs globally, confirmed the ransomware threat against SMEs is very real. In the Asia Pacific region 92 per cent of MSPs reported ransomware attacks on SMEs between 2015 and 2017.
While Datto’s report found fewer SMEs are paying ransoms, and more attacks are being reported, awareness of ransomware among SMEs remains low. Only 31 per cent of SMEs in Australia are ‘highly concerned’ about ransomware, meaning education is critically needed. It’s particularly worrying that 44 per cent of MSPs in ANZ reported end users paid the ransom, more than any other region, and 15 per cent of those did not regain access to their data.
Here’s my advice: NEVER pay the ransom. Doing so only tells the criminals you have valuable data, and you’re willing to spend the money to protect it. Once they’ve identified you as an easy target, they’ll come back again and again – we’ve seen a 15 per cent rise in repeat attacks in 2017. This is cyber extortion. And, as the statistics show, paying the ransom will not guarantee your data is returned. Take the 2016 Uber breach: the popular ridesharing company claims it secured the data of 57 million users by paying the ransom, but do you trust that your information is safe? There’s no honour among thieves.
So, what can you do to protect your business? Research from Allianz Global Assistance (AGA) reveals that more than half (56 per cent) of Australian small businesses are not adequately prepared for cyber attacks. Firstly, it’s important to research, install and update frontline security, such as firewalls and antivirus software. However, ransomware continues to outsmart the leading perimeter defences, so it’s essential that businesses include cybersecurity training and a robust backup and disaster recovery solution in a multi-layered security strategy.
Even if businesses apply cybersecurity best practices to limit the impact of ransomware attacks, they also need to be able to restore their systems as quickly as possible following an attack to minimise the cost of business downtime. Disruptions to business continuity have the most significant financial impact on companies affected by ransomware (far more than the cost of paying a ransom – which you should NEVER do). The 2016 attack on the San Francisco Municipal Transportation Agency (SFMTA), for example, cost over $1.2 million in lost fares as the SFMTA took two days to restore its network. There are some great risk assessment tools available to help calculate the predicted recovery time and cost of downtime per hour for your business.
A reliable backup and recovery solution (BDR) is the most effective ransomware protection for businesses. When researching your solution, ensure it offers rapid image-based recovery so that you can spin up the most recent backup within minutes. Legacy backup solutions require new hardware to be ordered and installed, and infrastructure to be rebuilt – a process that usually takes days of downtime. A proper business continuity solution installed and managed by a local expert (such as an MSP) is critical to keeping your doors open, and keeping your money in your pocket.
Rob Rae, Vice President – Business Development, Datto
