10 Mar Ransomware attacks are successfully targeting small to medium-sized businesses – how do you protect your data?

Ransomware attacks are on the rise, with the average cost of a ransomware attack being £130k on mid-size businesses (Source: Gartner). The prospects for small to medium-sized businesses do not look bright. 

Find out exactly what ransomware is and how to protect yourself

We’re working in a world where technology, workplaces, and behaviours are rapidly evolving. And while this has greatly improved many aspects of business, there are also certain unwanted consequences.

One major example is an increased exposure to ransomware. Traditional perimeter-based defences are struggling to keep up with modern-day practices. There are more openings than ever for attackers to breach your network, and they’ve got SMBs firmly in their sights and there is no 100% prevention today.

In this article we’ll discuss the challenges SMBs are up against, and what they can do to overcome them.

What is a ransomware attack?

When an attacker successfully breaches an SMB’s defences, the likelihood of an attack has increased to 715% over the last year.  Cybercriminals infiltrate your systems and use ransomware to encrypt your files so you can no longer access them. They then hold this data to ransom, demanding payment for its release. And when an attacker successfully breaches an SMB’s defences, they’ll typically demand between £3000 and £6000 and these values are rising on average 37% year-on-year. 

This is somewhat of a ‘sweet spot’, as an SMB might see it as easier to just pay, rather than involve authorities or risk customers and competitors learning of the issue. So it’s no wonder as many as 47% of businesses in the UK have at some stage been affected. 

Why are SMB’s being targeted?

Ransomware attackers see SMBs as an ideal target because they have for a long time believed their current endpoint and perimeter security to be strong enough. It is very likely they’ll have less sophisticated defences compared to larger corporations, while still having the capital to be worth the risk.

And it’s unlikely that an SMB will have a dedicated cybersecurity policy in place, or specialist IT or Data Protection experts on their staff. While due to the relatively small financial amounts at stake, institutions like the police probably won’t get involved.

There’s also a lot of potential targets out there; it’s a world of opportunity for those with the means and know how to exploit it.

Should you just pay up?

It’s a big dilemma to be faced with.

Pay, and you might avoid disruption to your services and productivity, as well as any legal difficulties if the attacks gained access to your customer’s personal data.

But this will encourage and fund future attacks which ultimately entices the attacks to keep attacking, and even when you have paid there is no guarantee the attackers will even return your data. Continuing to pay only perpetuates the problem for everyone. 

And there are trends to suggest that refusal is the way forward. Last year, 97% of US and 78% of German businesses refused to pay, while 75% of Canadian and 58% of UK Companies coughed up – it’s the American/German stance that’s leading to fewer ransomware attacks.

Look to your defences 

The dilemma can be avoided altogether if you look for a proactive solution. And the first step is to evaluate your defences.

Most SMB’s are currently protected by a traditional wall of defences: often a combination of firewall, email scanners, web filtering solutions and endpoint security agents. But in modern business, this is no longer enough to keep your business safe as these attacks can penetrate traditional defences by encrypting around 6,000 – 8,000 files per minute. 

Additionally, employees often access the business network from multiple locations on multiple devices – all of which are outside the wall. 

Take the fight to ransomware attackers

It’s not a matter of if, but when any given organisation will be hit by a ransomware attack. Which leaves two options:

1. 1. 1. Continue as you are with your current defences, and deal with the consequences of the attack infiltrating your systems, either paying the ransom and hope your data will be returned or go through a very costly and disruptive rebuild or restoration of your file
      2. Take the fight to ransomware attackers by introducing a new cybersecurity solution. One which responds instantly to an attack when everything else in your perimeter defence has failed

This is something that should be driven by your IT teams – but are they equipped for the task?

Ricoh’s Cyber Security Practice – the military graded containment solution 

Ricoh’s Cyber Security Practice – employed by both the US and UK governments – provides an automated technology that reacts in seconds, as soon as the ransomware infiltrates your system. Making sure the attack does not spread and limiting the files affected.

Click to read Cyber Security Practice

Here are just some of the key features it offers:

• Detailed live visibility with playback, displayed on a dashboard in real-time
• Outbreaks stopped within seconds, notifying those who need to know
• Keeps your business running smoothly, with one user being immediately identified and up running again within a short period of time no more than one user affected by an attack
• Tracking of the few affected files before shutdown
• And not only is taking the proactive approach the best way to defend against ransomware attacks, but it’s also easy to implement too

Containment solutions can take as little as four hours to be installed, and it can usually be done remotely – meaning minimal disruption to your teams and business. 

If you have any questions or would like to know more about proactive ransomware protection, get in touch with Steve Timothy.