Media reports of ransomware attacks are a daily occurrence. However, the focus on high-profile attacks, combined with the under-reporting of attacks on SMEs, has led them to become complacent when it comes to securing their business against cybercriminals.
What SMEs often don’t realise is that the data they hold or have access to is equally valuable, if not more valuable, to a cybercriminal. Evidence of this is clear. According to a recent ANZ State of the Channel Ransomware Report commissioned by Datto, 64 per cent of SMEs experienced a ransomware attack in the first six months of 2018.
A move to the cloud has also inadvertently put many SMEs at greater risk, with the report identifying Microsoft Office 365 users as the target for nearly 45 per cent of ransomware infected Software-as-a-Service applications.
But the worst part for a business often isn’t the attack itself. It’s what happens – or can’t happen – after a cybercriminal strikes. The cost of business downtime is estimated to be nearly 10 times greater than the cost of the ransom demanded, and in the worst-case scenario, an attack can leave a business so crippled that it will be forced to close. That’s without even considering the long-term impact of a cyber attack on business reputation.
Interestingly, it is a lack of cybersecurity awareness and training that is the leading cause of a successful ransomware attack on SMEs, with phishing emails, web ads, and clickbait ranked as the top ransomware delivery methods. While no one industry is immune from attack, the healthcare and finance sectors were two of the most targeted during the last quarter of the 2018 calendar year, according to the Office of the Australian Information Commissioner.
Though this report suggests a sombre outlook for SMEs, there are effective measures businesses can put in place to reduce both the impact and the severity of a ransomware attack when one occurs. These include:
1. Prepare your front line of defence
One of the most effective ways to avoid a cyber attack is to ensure your employees are prepared. Engage employees with regular (and mandatory) cybersecurity training that enables them to spot and avoid a potential phishing scam in their inbox, a leading entry point for ransomware.
2. Implement a mix of technology solutions
There is no silver bullet. Today’s standard security solutions are no match for today’s ransomware, which can penetrate an organisation in multiple ways. Reducing the risk of infection requires a multi-layered approach to security rather than a single product. SMEs should invest in solutions that can detect potential threats, assist with backup and disaster recovery, and assess all systems post-attack.
3. Focus on business continuity
There is no sure-fire way of preventing a ransomware attack. Instead, businesses need to focus on how to maintain operations despite an attack. One way to do this is to have a solid, fast and reliable business continuity and disaster recovery (BCDR) solution. In fact, 84 per cent of MSPs in ANZ surveyed for the report noted that SMEs with a BCDR solution in place recovered from an attack in 24 hours or less.
4. Hire an expert
Businesses often rely on a ‘computer savvy’ staff member to handle their IT support rather than an IT expert. For an SME, having cybersecurity professionals on staff for 24/7 cybersecurity monitoring is simply not feasible. Leveraging a Managed Service Provider (MSP) that has the time and resources to anticipate and protect a company from the latest cybersecurity threats is an alternative solution.
James Bergl, CompTIA ANZ Channel Community executive council member and director of sales, APAC, Datto, Inc.