Ransomware: It’s Here and It’s Coming for Your SMB

Posted by Rob Williams on Tue, Jul 19, 2016 @ 09:30 AM


For companies that think they are too small to be the victim of a cyber crime, think again. There is a new cyber attack that searches and preys upon SMBs and personal users. Ransomware, otherwise known as a cryptolocker attack, is a sneaky phishing attack that tricks users into downloading malicious code.

This malicious code comes in many disguises and in many shapes and sizes. It can look like an email from a friend or a familiar company, or it could take the appearance of a free download of trial software. What all ransomware attacks have in common, though, is that the malicious code worms a sophisticated encryption into every file within its range.

Sometimes, the victim can be a personal computer. Other times, when a user is connected to a network, that infected encryption code can spread to an entire data center, locking down access to every stored file. This type of attack can be devastating for small and medium business owners. 

Know what makes up a secure and complete DR plan? Check out our eBook,
5 Things You Need to Know to Plan Your IT Disaster Recovery.

The Effects of a Ransomware Attack

Imagine being a small hospital that’s unable to access medical files when a patient’s life is at stake. Imagine an architecture company that’s not able to access any drawings or design files. Imagine losing client data and not being able to send out any invoices.

Data has become the heartbeat of almost every industry, regardless of company size. Large enterprises may have more data to steal, and large breaches—like those at Target and Home Depot—may get more air time. But, in terms of ransomware attacks, SMBs are one of the main targets. Why? Because SMBs are easy targets, and easy money.

The Cost of Ransomware

Just take Hollywood Presbyterian Medical Center as an example. In February of 2016, hackers broke their way into the hospital’s main systems. The price to gain back access was a steep one: $17,000. Paid in the free-form currency Bitcoin, the attack on the hospital made headlines.

Another target of ransomware attacks has been U.S. police departments. Hackers lock down all files and then typically escalate new threats, like bombings or hostage crises, to make the departments pay up faster. Since 2013, police departments in 7 states have been targeted.

In fact, ransomware attacks have cost victims more than $200 million and have increased ten-fold in the last year alone. And the list of victims grows substantially every day as higher and more frequent payouts attract more savvy criminals.

SMBs Are an Easy Target for Ransomware Attacks

It’s easy to feel that your business is small enough to not garner any attention from cyber criminals. Making the decision to skip security patches or push off necessary disaster recovery upgrades is easy enough when the feeling of false security runs rampant. But, those vulnerabilities are what cyber criminals dream of.

The fact is: no business is safe from a ransomware attack, especially since most cases can be traced back to a user making a poor decision and taking the bait of a phishing attack. So, what can companies do to avoid becoming a victim?

How to Avoid Becoming a Victim

First, train your employees and staff on how to fish-out a phishing attack. Due diligence pays off when your teams keep workers up-to-date on the latest scams.

The best way to combat a ransomware attack, however, is to have a reliable disaster recovery and data backup system that exists separately from your current systems. This separation ensures that the encryption bug won’t be able to infect and lock down your backup too. 

It is possible to recover from a ransomware attack within just minutes with very little data loss if you have the right Disaster Recovery solution.  Conversely, if you don't then you could be over a barrel and it could cost your company thousands of dollars (or more).  

If you aren't sure if your current practices will protect you, consider a reliable, secure, and affordable DR solution from a cloud provider.

Want to test your knowledge of what makes up a secure and complete DR plan? Check out our eBook, 5 Things You Need to Know to Plan Your IT Disaster Recovery.


Topics: Security