As technology advances, more small businesses are adopting tools and software to help with their processes. Unfortunately, it’s these same investments that are leaving organizations of all sizes open to bad actors. The truth is that cybercriminals will always manage to find a back door and make it their job to be one step ahead of you as a business owner.
Ransomware attacks are just one example of a threat to your business. They’re common, they can be incredibly costly, and they can eat away at your profit margins. In fact, the average cost of a ransomware attack on a business was $713,000, counting both the loss of business due to downtime and the harm to its reputation. Many businesses also report that it can be anywhere from three to five days before any digital files can be accessed.
Ransomware is malicious software (malware) that is deployed through your IT infrastructure and quite literally holds your data hostage. Cybercriminals commonly choose between two approaches: encryption and screen lockers. Encryptors “jumble” the data in your system and demand a ransom in return for a key that will allow for decryption. Screen lockers simply block you from accessing data with a screen that will only be unlocked once the ransom is paid.
Part of what makes ransomware so common is that it’s easily disguised in email links or attachments and then will spread quickly. Poorly protected business networks are also a prime target for ransomware, which is essentially an automated process that doesn’t take much (if any) technical skill to deploy and manage. Employees can easily be fooled into downloading programs that may seem like work-related tools but in fact “worm” their way through the network looking for holes to burrow in. This makes regular training and continuing education about ransomware a necessity.
Having a robust ransomware protection plan in place should be an ongoing process that takes top priority. This plan needs to cover everything, from employee training for ransomware prevention to actionable tips that help maintain business continuity should an attack occur. There should also be a clear chain of communication to help navigate through a ransomware emergency, and the plan should be regularly reviewed.
Your business also needs to shore up its IT infrastructure and best practices. Data backups should be performed consistently, and firewalls should be put in place to close up vulnerabilities that cybercriminals can slip through. Restrict the software that employees can download to your business network, and patch the approved tools regularly to fix security bugs that were missed during development. It’s important to create a culture of safety for everyone, from top to bottom.
Even with prevention and detection in place, ransomware attacks can still happen. There’s no guarantee that businesses will get the data back if they do pay the ransom, but those that do decide to make the payment face less downtime. Ransomware payments generally involve cryptocurrencies like bitcoin, which is nearly impossible to track — great for criminals, but not great for those who need to make sure the payment was completed.
Also, the US Treasury Department has imposed sanctions on individuals and groups that have been found guilty of deploying ransomware attacks, effectively making it illegal for businesses to pay the ransom. The consequences can be staggering:
“A number of those sanctioned have been closely tied with ransomware and malware attacks, including the North Korean Lazarus Group; two Iranians thought to be tied to the SamSam ransomware attacks; Evgeniy Bogachev, the developer of Cryptolocker; and Evil Corp, a Russian cybercriminal syndicate that has used malware to extract more than $100 million from victim businesses.
Those that run afoul of OFAC sanctions without a special dispensation or ‘license’ from Treasury can face several legal repercussions, including fines of up to $20 million.”
If you haven’t done so already, it’s time to complete an audit of what kind of safety net you currently have in place. A third-party coach or consultant can help take the results of that audit and turn them into action items, helping you create a new plan, build training systems for employees, and even connect with insurance providers that offer specific cybersecurity and business continuity protection.
Getting a third-party perspective is as easy as reaching out to our team. With The Alexander Group, you can rest assured that you are working with a business coach who has sat in your chair. We’ve faced everything you face as a business owner — including ransomware.