Clearsale Blog | Insights on Ecommerce and fraud

Ransomware: What Merchants Need to Know About This Major Threat

Written by Sarah Elizabeth | Sep 27, 2016

Recently, a bold new player has emerged in the world of cybersecurity: ransomware. It’s one of the biggest cyberthreats we’ve seen in years, and it’s critical that you understand what it is – so you can protect your business.

Why is ransomware such a big deal?

Ransomware is an attempt by a cybercriminal to extort payment from a business by infiltrating and commandeering its technology systems. The criminals then threaten to shut down the business’s operations or delete critical files unless a hefty ransom is paid.

Just how big of a threat is ransomware? According to a recent study by Trend Micro, in the first three months of 2016 alone, ransomware led to a breathtaking $209 million in losses for U.S. businesses – a number that is only expected to grow.

Ransomware enters into business systems in several sneaky ways:

  • Delivered via attachments in spammed email: 58%
  • Downloaded from URLs hosting ransomware: 40%
  • Other means: 2%

Once unleashed, these ransomware files hold hostage to everything from database files (52%) to SQL files (19%) and websites (14%).  

Alarmingly, the nature of ransomware continues to evolve. Recent exploits include cyberhackers that threatened to delete a number of files for every hour the ransom wasn’t paid or another incident that upped the ransom payment for every hour past the demanded deadline.

What’s at stake for e-commerce websites?

Unfortunately, ransomware is more than just a financial nuisance for the businesses that fall prey to these attacks. While there’s an obvious direct monetary cost to paying a ransom, there’s also the potentially significant opportunity cost of lost sales and damaged reputation that can result from a hijacked website.

Forced into a difficult Sophie’s Choice, many victims will simply bite the bullet and pay their ransomware extorters – mentally writing it off as a cost of doing business in today’s tech age.

While experts generally advise against this course of action, some business owners find the threat of losing critical files or a prolonged website shutdown to be serious enough that simply paying the demand is the most efficient way to dispose of the problem.

But when ransoms can run exorbitantly between $10,000 to $50,000 or more per incident (usually payable only in some untraceable form of cryptocurrency, such as Bitcoin), merchants owe it to themselves to prevent an attack from happening in the first place.

What can merchants do to protect themselves?

If all of this sounds scary, good. You should be scared! Fortunately, there are a number of steps you can take to reduce your risk of falling victim to a ransomware attack.

Educate your staff

Start by having regular and ongoing conversations with all employees. Make sure they understand what ransomware is, how to recognize potential ransomware threats, and what to do if they run across anything suspicious. 

Update software and apply security patches regularly

This may seem obvious, but a surprising number of companies take a lax approach to routine maintenance. Because ransomware viruses can penetrate a system through an unpatched server or software, keeping your systems up to date is absolutely critical.

Upgrade your network defenses

Current best practices that your IT team should have in place include monitoring network ports with reputation-based analysis and blocking, script emulation and zero-day exploit detection. Meanwhile, behavior monitoring helps defend endpoint machines by detecting rapid encryption of multiple files in a system, stopping encryption and blocking ransomware from spreading more damage, while application controls help allow only the execution of safe apps identified in a white list.

The battle against ransomware represents a major threat to all businesses. And yet, simply staying aware and vigilant is your first and best line of defense.