Recently, a bold new player has emerged in the world of cybersecurity: ransomware. It’s one of the biggest cyberthreats we’ve seen in years, and it’s critical that you understand what it is – so you can protect your business.
Ransomware is an attempt by a cybercriminal to extort payment from a business by infiltrating and commandeering its technology systems. The criminals then threaten to shut down the business’s operations or delete critical files unless a hefty ransom is paid.
Just how big of a threat is ransomware? According to a recent study by Trend Micro, in the first three months of 2016 alone, ransomware led to a breathtaking $209 million in losses for U.S. businesses – a number that is only expected to grow.
Ransomware enters into business systems in several sneaky ways:
Once unleashed, these ransomware files hold hostage to everything from database files (52%) to SQL files (19%) and websites (14%).
Alarmingly, the nature of ransomware continues to evolve. Recent exploits include cyberhackers that threatened to delete a number of files for every hour the ransom wasn’t paid or another incident that upped the ransom payment for every hour past the demanded deadline.
Unfortunately, ransomware is more than just a financial nuisance for the businesses that fall prey to these attacks. While there’s an obvious direct monetary cost to paying a ransom, there’s also the potentially significant opportunity cost of lost sales and damaged reputation that can result from a hijacked website.
Forced into a difficult Sophie’s Choice, many victims will simply bite the bullet and pay their ransomware extorters – mentally writing it off as a cost of doing business in today’s tech age.
While experts generally advise against this course of action, some business owners find the threat of losing critical files or a prolonged website shutdown to be serious enough that simply paying the demand is the most efficient way to dispose of the problem.
But when ransoms can run exorbitantly between $10,000 to $50,000 or more per incident (usually payable only in some untraceable form of cryptocurrency, such as Bitcoin), merchants owe it to themselves to prevent an attack from happening in the first place.
If all of this sounds scary, good. You should be scared! Fortunately, there are a number of steps you can take to reduce your risk of falling victim to a ransomware attack.
Start by having regular and ongoing conversations with all employees. Make sure they understand what ransomware is, how to recognize potential ransomware threats, and what to do if they run across anything suspicious.
This may seem obvious, but a surprising number of companies take a lax approach to routine maintenance. Because ransomware viruses can penetrate a system through an unpatched server or software, keeping your systems up to date is absolutely critical.
Current best practices that your IT team should have in place include monitoring network ports with reputation-based analysis and blocking, script emulation and zero-day exploit detection. Meanwhile, behavior monitoring helps defend endpoint machines by detecting rapid encryption of multiple files in a system, stopping encryption and blocking ransomware from spreading more damage, while application controls help allow only the execution of safe apps identified in a white list.
The battle against ransomware represents a major threat to all businesses. And yet, simply staying aware and vigilant is your first and best line of defense.