Ransomware Plagues The Cincinnati Business World — Do You Know How To Defend Your Company?

Ransomware is likely today’s biggest threat to cybersecurity, and it’s only getting more dangerous. Do you know the state of ransomware in 2021?

You’ve probably heard a lot about ransomware and other cybercrime threats. It’s easy to hype up the doom and gloom about cybercrime – fear is often a great motivator.

But at a certain point, it’s probably turned into background noise, right? You hear so much about types of threats that you get numb to it.

Don’t get lulled into a false sense of security…

What’s The Reality Of Ransomware in 2021?

We won’t sugar coat it – ransomware hit new heights this year, affecting a majority of businesses that have encountered any kind of cybercrime threat.

Don’t assume we’re exaggerating this for effect — experts estimate that a ransomware attack will occur every 11 seconds in 2021. Here are just a few key examples, out of the thousands of incidents that occurred in the past year:

  • Ransomware infects Colonial Pipeline, disrupts the US gas economy: A ransomware attack against Colonial Pipeline caused a widespread shortage of gas across the country. The encryption of the petroleum supplier’s systems forced them to shut down operations for a number of days, highlighting the vulnerability of critical US infrastructure to cybercrime attacks.
  • Ransomware costs the Irish Healthcare System hundreds of millions: Health Service Executive (HSE) was infected with ransomware in May, and the ensuing ordeal levied a series of expenses, eventually reaching as much as $600 million.
  • Ransomware takes Travelex’s global operations offline: A sophisticated ransomware attack took down Travelex’s systems in more than 70 countries for multiple days, timed specifically for when staff would be on holidays.

How Does Ransomware Work?

In a ransomware attack, an unsuspecting user clicks on a seemingly safe link or an emailed attachment that appears to be a bill or other official document.

Instead, the attachment installs a malicious software program (malware) onto the computer system that encrypts the data and holds it at ransom. The user is then stuck without access to their data, and faced with paying the attacker a huge sum.

How Does Ransomware Infect Your Systems?

There are five primary ways that hackers trick targets into downloading ransomware:

  • Phishing: Phishing is a hacking technique that “fishes” for victims by sending them deceptive emails. Phishing attacks are often mass emails that include ransomware as an attachment.
  • Malvertising: Hackers have found vulnerabilities in many popular, modern browsers like Google Chrome and Mozilla Firefox. They spam users with official-looking pop-ups informing them of an “infection” or “security alert” prompting them to download a file or click a link. That’s where the ransomware comes into play. As with so many of these methods, it just comes down to getting the user to interact with malware in some way without knowing it.
  • Remote Desktop Protocol: RDP is a known infiltration point for cybercriminals, especially for unpatched systems.
  • 3rd-Party Remote: Many cybercriminals are attacking third-party remote-control tools as they know that once they can gain access to a remote control tool, they will have access to several machines that can be infected.
  • Out Of Date Hardware: Many of the most common malware and viruses used by cybercriminals today are based on exploiting those programming flaws; to address this, developers regularly release software patches and updates to fix those flaws and protect the users.

What Is The Real Cost of Ransomware?

There are a number of key costs that will come with a ransomware attack, including…

  • Ransom: This is the most obvious cost, and it just keeps going up. According to cybersecurity company Coveware, what was an average ransom of $6,733 in 2018 has increased to $12,672 in 2021.\According to Datto, the average ransom requested by hackers is increasing. MSPs report the average requested ransom for SMBs is ~$5,900, up 37%, year-over-year.
  • Downtime: As Kapersky notes, 34% of businesses hit by ransomware take up to a week to regain access to data. In that week, you’re still incurring costs associated with downtime while you and your staff can’t access your data. That’s time in which you can’t get work done, can’t serve your clients, can’t gain new business, and still pay your employee wages and ongoing costs to keep the lights on. Put simply? Lots of expenses with no revenue.=Downtime costs are up by 200% year-over-year, and the cost of downtime is 23X greater than the average ransom requested in 2021.
  • Remediation: Lastly, there’s the cost of damage control. Do you have to hire an IT company to help you out? Do you have to hire a forensic cybersecurity crew to determine how you were attacked? Do you have to pay fines for breaching HIPAA or FINRA regulations? These all get added to the bill for getting hit by ransomware.  According to Beasley Breach Response’s noncompliance report
    • The average ransomware payout is $116,000
    • The highest ransomware demanded by cybercriminals was $8.5 million
    • The highest ransom paid by a target organization was $935,000

How could it possibly cost so much? Just think for a second what it would be like if you couldn’t access your data. Technology is such a crucial part of business today, that without it, you can’t do much of anything.

Why Does Ransomware Work?

This may seem like an odd question, but it’s important to consider – if ransomware attacks are this common, and generally work the same way every time, why haven’t they become less effective? Because businesses like yours keep letting it happen.

Despite the countless examples as to how dangerous ransomware is, very few businesses are taking the necessary steps to protect themselves.

According to Datto, 89% of MSPs are “very concerned” about the ransomware threat and 28% report their SMB clients feel the same. It’s this lack of concern among businesses that makes them such perfect targets for cybercriminals.

What Would Happen If You Were Infected With Ransomware Right Now?

Do you have a plan? Are your system endpoints protected? Are your backups recent, tested, and viable?

It’s easy to assume that just because you haven’t been hit by ransomware yet, that you won’t be anytime soon. You may think you can put off investing in an effective business continuity plan, but without warning, you may get hit.

Don’t assume you’re safe. Take the time to make sure you are, or you may end up having to pay a ransom.

How Can You Defend Against Ransomware?

The best way to defend against ransomware is to work with an IT company whose team can implement a range of cybersecurity protections that will keep your data protected and your business in operation, no matter what happens:

  • Access Controls: Access controls should be configured so that shared permissions for directories, files and networks are restricted. The default settings should be “read-only” access to essential files, with limited permissions for write access to critical files and directories. Furthermore, only those needing local admin rights are to be provided with that access.
  • Firewall: Your firewall is your first line of defense for keeping your information safe. A firewall is a particular type of solution that maintains the security of your network. It blocks unauthorized users or suspicious connections from gaining access to your data. Firewalls are deployed via hardware, software, or a combination of the two.
  • Network Monitoring: Your IT company should be keeping an eye on your systems around the clock, identifying and suspicious activity and addressing it immediately to prevent any negative effects.
  • Data Backup: If you have a data backup solution, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that. That’s why you should make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary. Be sure to:
    • Back up data on a regular basis, both on and offsite.
    • Inspect your backups manually to verify that they maintain their integrity.
    • Secure your backups and keep them independent from the networks and computers they are backing up.
    • Separate your network from the backup storage, so the encryption process is unable to “hop” networks to the backup storage device. This keeps your backup data from being encrypted.

What’s The Best Way To Protect Yourself Against Ransomware?

When you’re not sure if you have the skills or knowledge to get the job done, what can you do? Consult with cybersecurity professionals like those on the 4BIS.COM team.

The cybersecurity professional’s job is to manage your cybersecurity, simple as that. Instead of needing an employee or internal team to keep your tech and data secure, you let someone else with the skills and knowledge do it for you:

  • Cybersecurity professionals perform regular vulnerability testing as per industry standards to ensure you aren’t dealing with overlooked cybersecurity weaknesses.
  • Cybersecurity professionals help you plan and achieve a secure environment to work in.
  • Cybersecurity professionals provide ongoing service and support for any security-related concerns you may have.

Get in touch with our team to get started on your ransomware defense today.

Written by James Forbis
Posted on: November 8, 2021