Ransomware Report for Small and Midsize Businesses (SMB)

  • Downtime and data loss are more costly to the business than the ransom
  • More SMBs are reporting attacks to the authorities
  • Fewer SMBs are paying the ransom
  • Paying the ransom too often results in data remaining encrypted-the hostage is not released
  • Ransomware often remains in the victim’s network even after paying, leading to another attack
  • The arms race between security and ransomware continues, so data protection is essential

In their survey report of IT service providers to SMBs, the data protection company Datto finds that the threat of ransomware is continuing to grow for businesses in all types of vertical markets. While most of the attacks take place against the ubiquitous Windows systems, there are now variants to attack all the other popular desktop and mobile operating systems. Even moving to use only cloud-based applications is no guarantee, as there have been successful attacks against many of the most popular cloud-based and Software-as-a-Service applications.

Email remains by far the most popular way to propagate ransomware attacks, and that usually means just a random phishing email. While these have been around as long as email has been widely used, it’s still the most effective way to attack a network. Instead of trying to climb through a figurative 3rd-story window, cyber crooks know it’s much easier to have an employee unlock the front door.

The other aspect of ransomware, like all cybercrime, is that the perpetrators have now evolved into professionally-managed businesses. They can be housed in generic-looking office parks and come complete with a customer service staff. It seems hard to comprehend that criminal organizations can operate in the open, but they are often located outside the Western business sphere, and they usually take care not to infect their fellow countrymen. Is what they’re doing illegal? Certainly in this country, maybe even technically in their own, but the lack of local victims means enforcement is extremely lax, leaving them free to operate in the open.

What can be done to prevent ransomware from infecting your business?

There are several things to do:

  1. Educate employees on the risks
  2. Test them against popular phishing models
  3. Protect your data locally
  4. Protect your data in the cloud
  5. Give yourself a way to keep operating when things go wrong

A comprehensive data protection plan is the best bargain your business can have today. In addition to ransomware, you can gain protection against employee error, fires, floods, tornados and every other kind of data mayhem you can imagine. Contact us today for a FREE consultation to see how we can help you. In a data-driven world, protecting your data means protecting your business, so you can focus on your customers. INCS  704-362-1682 option 1, or [email protected], or get a free copy of this report at https://incsnow.com/business-continuity-disaster-recovery/

Put a plan in place before one of your employees leaves the front door to your network unlocked!