Just as technology has evolved, so has the prevalence of ransomware attacks. Organizations need to stop thinking it “won’t happen” to them and instead get ready for when it does.
Here is a quick Q&A answering the most common questions about ransomware.
What is ransomware?
Ransomware is when hackers break into your network, encrypt it, and hold your data hostage. They then demand a hefty ransom to recover the data. These infiltrations are typically carried out via phishing emails and aim to exploit endpoint vulnerabilities.
Why is ransomware a big deal?
Ransomware attackers threaten to sell the acquired data, or even misuse it, if the ransom is not paid. The pandemic gave rise to a dramatic increase in ransomware attacks, and businesses were forced to change their ways of working in a hurry to suit the “new normal.” This rushed atmosphere made for the perfect time for cybercriminals to attack vulnerable businesses that did not have time to put watertight systems in place.
Is my business really at risk?
It is estimated that a business is infected with ransomware every 14 seconds. All businesses are at risk of ransomware, big and small alike. If your business has an active digital and web presence, you must consider a plan of action in case of an attack. With automated tools, hackers are targeting businesses and demanding thousands of dollars to return the data. Small companies seem more at risk, as they typically have less time and money to invest in preventive security measures against ransomware.
How can my business get infected with ransomware?
Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloads. Phishing is when you get legitimate-looking emails asking you to take a specific action. You only need to click a bad link once to let attackers quietly into your system. Malicious websites make up 23% of attacks, and compromised passwords account for 21% of ransomware attacks.
Why is ransomware so hard to undo?
Ransomware attacks lead to long-term damage, whether through temporary or permanent loss of sensitive information or disruption of regular operations. Moreover, ransomware attacks take the hackers weeks to set up. Once inside a network, they stay hidden and take their time to make lots of changes. They make it virtually impossible for IT security and data protection systems to detect them, and by the time those systems do, the damage is already done.
How much is the typical ransom?
Just as ransomware attacks have increased, so have their financial impacts. Hackers demand anywhere from $10,000 from small companies to $150,000 or more from the big ones. They will change their ransom demand based on how much money they believe a business has. It is important to note that the ransom is not the only cost these businesses incur; there are also several indirect costs resulting from data loss.
Nearly 50% of businesses are underprepared for these attacks and must pay these ransoms to get their data back. Post-attack, productivity is damaged, as staff need time to get used to new systems and ways of working.
What can I do now to protect my business?
Today, it is almost impossible to stop a ransomware attack from taking place. However, you can be prepared. That is why you must equip your systems with up-to-date data protection and regularly train employees on cyber security and on how to handle an attack if it should happen. Check out our blog on 5 steps to improve your ransomware resilience.