Did you know that from 2016 to 2017, about five percent of global small and medium-sized businesses fell victim to a ransomware attack?
It’s true, according to Datto’s State of the Channel Ransomware Report, which also shows that the frequency of ransomware attacks is expected to rise in the future.
If you are a small business owner, this is something you should be on the lookout for, especially when almost all IT service providers agreed this trend will continue.
What is Ransomware?
Before we get into the details, let’s first define what ransomware is.
Ransomware refers to a type of malware where the company’s data is locked out, usually through encryption. The cybercriminals then demand payment if the company wants to retrieve access to their data.
Ransomware attacks are usually committed by cybercriminals who are after monetary compensation. Payments are typically made through virtual currency so that it will be much more difficult to trace, and the perpetrator’s identity is not known.
How to Get Infected with Ransomware?
There is no one way that cybercriminals use to infect computers and networks. It can be through as suspect email attachment, a questionable link, or an infected external device.
There are also different types of ransomware attacks, including:
- Scareware – The ransomware attack will pose as security software and warn you that malware has been discovered. Responding to it can trigger the attack.
- Screen lockers – These are ransomware that completely locks a user out from their computer unless they pay the hacker.
- Data kidnappers – This ransomware targets user data and encrypts it. They will then ask for compensation before they decrypt the data.
- Doxware – The attacker threatens to publish your data in public if you do not pay.
- Mobile ransomware – A ransomware that is specifically designed to target mobile devices.
In many cases, the attacker will even threaten the target that they will destroy the encryption key, which will make data recovery nearly impossible.
Facts about Ransomware that You Should Know
Here are some trivia about ransomware to show how serious the threat is to your business:
- Because of ransomware attacks, MSPs reported that 75% of clients who were infected suffered from business threatening downtimes.
- About 30 percent of companies infected with ransomware found that the offending software remained on their system even after they resolved the issue. They are likely to be attacked again in the future.
- One in three MSPs reported that ransomware attacks even encrypted backup data, so the organization cannot even do data recovery.
- Some of the most prevalent ransomware seen are Cryptolocker, CyptoWall, Locky, and WannaCry. These are all virus or malware that searches for data to encrypt.
- The industries that are most at risk of being targets of ransomware attacks are construction, manufacturing, and professional services.
- SaaS applications are the go-to targets of ransomware attackers with Dropbox, Office 365, and Google G-Suite at the top of the list.
- Attacks on mobile devices like smartphones and tablets are expected to increase in the next couple of years
- The total ransom payment paid to attackers in 2017 reached $301 million.
- Unfortunately, 15 percent of targeted companies that do pay the ransom did not even recover their data. They basically paid for nothing.
SMBs Are Still Not Taking This Threat Seriously
The most interesting trivia about ransomware is that while 90 percent of managed service providers asked if they are highly concerned about this type of threat said yes, the same could not be said for the SMBs. In fact, only 38 percent of small and medium-sized businesses are highly concerned about the threat.
There could be a lot of factors. For one, a lot of businesses never think that they are big enough to be actual targets. They believe that hackers usually target large enterprises because that is where the critical data are.
Also, this could be because of a lack of education. There is a distinct lack of mandatory cybersecurity training across SMBs. Coincidentally, this is cited by most MSPs as a leading cause of ransomware attacks.
It makes sense. It is hard to be worried about something that you are not familiar with. That is why it is important to MSPs to explain to their SMB clients about the possible repercussions of ransomware attacks. If SMBs understood they stand to lose a lot money or their business entirely, they may start to take this threat more seriously.
Zero1zero provides reliable IT support and managed services to create a secure browsing environment for our clients. Our experienced security team monitors and manages your environment 24/7, using leading technology and advanced analytics to actively search for threats. Through a comprehensive vulnerability assessment, we can identify weaknesses and plan appropriate remediation to proactively protect your IT infrastructure.
Contact us to learn more about our cybersecurity services for your business.