Ransomware took center stage this past year as the most common cyber threat to small and mid-sized businesses (SMBs). The concern with ransomware, however, goes beyond the malware encrypting your company files. And it goes beyond the ransom that the hackers demand to remove the encryption. One of the biggest issues with ransomware is the cost of downtime that SMBs experience due to a ransomware attack. And that downtime cost has gone up… a lot.
According to Datto’s Global State of the Channel Ransomware Report, the average cost of downtime as a result of a ransomware event is 94% higher than in 2019. To put it in dollar amounts, we are talking about an increase from $46,800 to $274,000 in a two-year time period. That number is jaw-dropping, especially when you tie it back to the economics of an SMB. It is even more jaw-dropping when you consider that this downtime cost is around 50 times more than the original ransom request made by the hacker. Honestly, it is a lot to take in, and frankly, those are scary numbers. But do not throw in the towel quite yet.
Instead, use these numbers to gather more knowledge, build up your defenses, and have a back-up plan in case a ransomware infection occurs.
Ransomware: Gather More Knowledge
The first step is understanding the most likely approaches that hackers will take to deploy ransomware:
- Phishing Emails: Oh, yes, these emails are not going away. In fact, hackers are making them more sophisticated and even harder to spot by leveraging social engineering, and in some cases machine learning, to make the emails more realistic. They are scraping social platforms and utilizing tools to determine what email is the most likely to get a click.
- SaaS Applications: These web-based or on-demand software applications offer a hacker a potential “in” to deploy ransomware.
- Windows Endpoint Systems: This is a big one. Roughly 91% of ransomware attacks targeted Windows PCs over the last year.
Ransomware: Build Up Your Defenses
It’s important to be vigilant and try to think like a hacker. Hackers like to take advantage of current events, like the COVID pandemic and the Work From Home movement, to craft their attacks and create a sense of urgency. Help your team recognize these attacks by instituting a cybersecurity awareness program, and improve your cybersecurity measures to ensure employees are aware of all necessary protocols. Strongly encourage regular at-home cybersecurity checks and provide employees with a way to report potential phishing emails. In terms of your SaaS applications, consider potential vulnerabilities when planning out your IT security measures.
In addition, this may be an appropriate time to review your IT security spend. Are you spending on the right solutions, and is the money being spent in ways that will defend your business against these types of ransomware attacks? If it’s not, now may be the right time to make adjustments.
Ransomware: Have A Back-Up Plan
The primary solution for combatting ransomware, if it hits, is a reliable backup strategy and a business continuity and disaster recovery (BCDR) plan. A plan can help your business get back up and running in the event of a ransomware attack. This plan can ultimately save you money in terms of reduced business downtime. Is a BCDR plan fun to put together? That is a hard no. But it’s absolutely worth it, especially when you consider that $274,000 amount we noted above.
In addition, we encourage you to stay up to date on the latest in cybersecurity trends and news. And reach out for help if you are overwhelmed by the details shared, or if you’re just not sure where to start! Not only can Intivix help you prevent potential ransomware issues, but we’ve also got a great crew that will make the process more streamlined and effective.