Sharp Business Systems

Don't get held for ransom!

Schedule an assessement today to see if your network is vulnerable.


Schedule an Assessment

What is Ransomware, and should you be worried?

You should be concerned for both your business and personal data, as a staggering 50% of small to midsized businesses (SMBs) have suffered at least one cyberattack in the last 12 months1. However, if you are taking a proactive approach toward protection, you can stop an attack before it occurs or recover unscathed.

Ransomware is essentially cyber extortion because it delivers malicious software that holds your files captive until a ransom is paid. It features an unbreakable encryption, leaving you at the cybercriminal's mercy to unlock the files. At first, you might not even notice you are under attack. In fact, one in 10 U.S. businesses can take up to a year to discover that a breach has occurred.2 You notice when you try accessing a file and an alert message pops up demanding a ransom to be paid in bitcoins, the currency of choice due to its anonymous nature. Some victims pay the ransom out of desperation, and if “luck” is on their side a decryption key is granted. The FBI does not recommend cooperating with cybercriminals because there are no guarantees your data would be returned. In the majority of the cases, law enforcement does not have the resources or jurisdiction to go after cybercriminals.

How can you become a victim?

It's much easier than you think to be victimized. The majority of the time, cybercriminals can gain entry into your system by sending spear phishing emails with infected links or attachments that appear harmless. Once an employee clicks the link or downloads the attachment, it spreads like wildfire locking and encrypting the files on their PC. It doesn't stop there, the malicious software quickly finds its way into your network—potentially bringing your business to a halt. But email isn't the only culprit, intrusions can come from a website or web application, social media, USB stick, business application or from an unknown source.3

Who do hackers target?

It's no surprise that cybercriminals target the institutions we rely on for personal and/or business matters. However, no one is off the hook. It can happen at any given time to any size of business, industry or employee.

  • The top four industries targeted are healthcare, financial services, manufacturing and government.
  • Nearly 80 percent of organizations experienced a cyberattack during the past 12 months and half were victims of ransomware.
  • About 80 percent of companies that experienced a breach had high-value data held for ransom.
  • The impact of ransomware varied by employee level in the U.S. with mid-level managers and senior executives being impacted far more often than lower-level employees.3

What is the financial impact on SMB?

The Kaspersky Lab study found that the average cost of recovery from a single security incident for a business in the United States is estimated to be $86.5K for small- to medium-sized businesses (SMBs) and $861k for large businesses. 2 An attack could cause the loss of customers and set a lasting, negative reputation. The longer it takes for a company to identify and contain a data breach, the more it can cost to resolve the issue, and in some cases, shut their doors for good.

  • Almost 20 percent of organizations hit with targeted attacks were demanded to pay more than $10,000.
  • Of the U.S. companies victimized, more than 25 percent lost files as a result of not paying the ransom.3
  • Organizations that chose not to pay a ransom, opted out thanks to a recent backup of their files.

How to protect your company from ransomware?

Law enforcement cannot protect you, so your employees are often the first line of defense, which might be a scary thought. Along with teaching your staff about cyber threats, it's important to proactively monitor your network and back up your data before a cyberattack occurs. Ransomware insurance has become increasingly popular, and while that may cover the financial impact, the consequences of lost data may be catastrophic.

Don't wait to take action after you've been hit. Here are some pointers on how to prepare for an attack.

  • Educate employees on ransomware and how to identify suspicious emails
  • Back up your files on a cloud-based system every day
  • Frequently check security software to ensure settings are accurate and up to date
  • Install a firewall, antivirus and malware protection to form a chain of security defenses to help cover any gaps
  • Restrict network traffic to block suspicious emails and compromised websites
  • Whitelist software that is allowed to run on your network
  • Limit employee access to install software on the network

Even if your company has an in-house IT department, it may be necessary to team up with a trusted IT services partner to proactively monitor your network 24 hours a day, 7 days a week—even on holidays. Often times IT departments are busy juggling critical projects but neglect maintaining the health of your network. A watchful eye must be kept on your network at all times to tackle cyber threats before they cause irreparable damage.

2017 Ransomware Attacks4

  • WannaCry infected 230,000 computers in over 150 countries by exploiting an unpatched Microsoft® vulnerability in Windows® PCs.
  • NotPetya, a fake Ukranian tax software update, infected hundreds of thousands of computers in over 100 countries.
  • Bad Rabbit, which shares 67% of the same code as NotPetya, is spread through drive-by downloads on compromised websites prompting users to install a bogus Flash update.
  • Locky, the most popular strain of ransomware in 2016, continues to show up as a phishing email through variants known as Diablo and Lukitus.
  • Jaff uses a botnet, a network of Internet-connected computers that coordinate attacks, to send millions of spam messages demanding a ransom.
  • CrySis hacks into Remote Desktop Services giving cybercriminals access to a company’s entire network and the ability to manually install ransomware.
  • Nemucod originated in 2015 and appears as a phony shipping email. When clicked, it downloads malware and encryption software stored on compromised websites.
  • Spora adds malicious pop-ups onto trustworthy websites prompting victims to update their Chrome browser. Hackers demand a ransom payment and sell the victim’s confidential info.
  • Cerber allows novice cybercriminals to execute sophisticated and profitable attacks though a “ransomware-as-a-service” platform on the dark web, while the developers earn a cut of the profits.
  • CryptomMix strikes when a user clicks on a malicious ad, and then the victim must wait for the thief to email Bitcoin payment instructions.
  • Jigsaw is a sinister email with an embedded an image of the clown from the Saw movies. Once clicked, a countdown begins demanding the victim to pay on time or lose their files forever.

Contact Us Today

Reach out to one of our technology specialists at Sharp Business Systems so we can help to identify vulnerabilities in your IT infrastructure and formulate a backup and disaster recovery plan to ensure business continuity should ransomware strike.