2017 was a difficult year for ransomware:
- WannaCry exploited a Windows SMB flaw to infect over 200,000 computers in a 4-day period, at a cost of up to £3 billion.
- NotPetya extorted up to £229 billion by posing as a Ukrainian tax software update and exploiting the same flaw as WannaCry, leading to the closure of power plants, banks, and global companies such as Maersk and FedEx.
- Locky disguised itself as companies such as Amazon Marketplace to download malware that targets and scrambles documents, including your bitcoin wallet file.
- According to Lloyd’s 2017 Counting the Cost report, cyberattacks cost businesses up to £344 billion a year.
The fact is, ransomware costs. Even if a business is able to avoid losing sensitive or vital data, or submits to paying the ransom, the damage to its reputation from a loss of customer confidence can, at minimum, be near impossible to recover from.
According to Malwarebytes, there has been a steady decline in ransomware attacks in 2018, thanks to increased awareness and the growing popularity of crypto-mining. But that doesn’t mean that we’re out of the woods yet.
Rather than being a thing of the past, it could be that ransomware attacks are just getting stealthier, or that their victims are becoming more likely to pay off attackers rather than face public scrutiny. Some cyber-crime watchdogs are even predicting a resurgence: Cybersecurity Ventures have predicted that by the end of 2019, there will be a business ransomware attack every 14 seconds, up from every 40 seconds in 2017.
You will already know that to prevent an attack you need the right security systems in place. But, if, for whatever reason, these measures fail – what are your options?
Paying the ransom is the fall-back for many businesses that fall victim to an attack. Attackers know that their ransoms are much more successful when they ask for smaller chunks of money from their targets. They are not asking for millions, and in many cases, they are not asking for thousands. In most cases, it is both more convenient and cheaper to pay the hijacker and do a quick security fix rather than to fight the hijacker, to go public about it, and to lose millions while the problem is fixed by company engineers. But you can’t simply ‘pay the problem away’. Paying up can actually make you subject to further attack if you get labelled as a cooperative target on the dark web.
“On the bright side, it’s easy to protect yourself: when you have a very structured discipline of data backup it’s easy to deal with ransomware.” – Monty Cristal, WIRED Magazine.
Paramount to rigorous cyber-security systems is a reliable and regular system for creating back-ups. With such a system in place, not only do attackers have very little hold on you, but you may also be less at risk of further attacks.
Much to the delight of would-be attackers, though, very few companies manage their backups successfully. A 2017 study by Beaming uncovered that not only did 17% of businesses fail to make backups in the first place, but even of those that did, almost 50% kept no offsite backups. Likewise, Kroll Ontrack found that even businesses that do have a backup system frequently fail to perform backups adequately: 57% of respondents that had back-up systems in place – up to 75% failed to restore everything and 25% couldn’t restore anything. The worst offenders of all? Small businesses: the primary targets of ransomware attacks.
Whether it’s because the possibility of data loss feels too remote or because companies fail to seek out professional advice, many businesses, particularly small ones, fail to make adequate plans for the event of data loss and end up suffering the cost. Further, not only does some ransomware hinder your ability to circumvent an attack by actively targeting your backup files, but relying on network back-ups alone can leave you vulnerable to more sophisticated forms of attack, or put you at risk of data loss due to human error or natural disaster. Increasingly, businesses, including those of a small or medium size, are turning to BDR (Backup and Disaster Recovery) services to protect their data.
The heart of it is that successfully backing up your business isn’t a case of automatically replicating your files at regular intervals anymore: it takes a coordinated and targeted approach.
Ask yourself – how much data can you afford to lose?