Have you been keeping up with the news lately? Maybe you’ve heard about a new kind of attack that’s causing a lot of headaches: ransomware. Ransomware has been in the news lately because criminals have been holding the computers and data of major institutions hostage …. what the news doesn’t cover is the attacks on small to medium size businesses.  

Ransomware is big money and is rapidly changing cyber-attack strategy. The market has expanded into highly organized crime with the help of untraceable cryptocurrencies such as Bitcoin. 

There have been several high-profile cases involving Colonial Pipeline, paying out $4.4 million; CNA Financial, one of the largest US insurance companies paying $40 million; and Ireland Healthcare’s $20 million ransom converting into a public extortion case just over the past several weeks. 

Some markets are particularly prone to ransomware attacks such as medical organizations and financial services. Attackers know that with lives literally on the line organizations in these fields are likely to simply pay the ransom to make the problem go away.

What is Ransomware?

Ransomware is usually malware that encrypts or locks a company’s data to prevent legitimate access. The attackers offer to exchange a decryption key for a large, untraceable pay out.  Additionally, the attackers will normally exfiltrate the data so they can also threaten to release or sell it on the dark web if the ransom is not paid.

Why should SMBs care about ransomware?

Some companies think they are too small to worry about experiencing a ransomware attack.  Small and medium-sized businesses (SMBs) may let their defenses down, thinking cyber-criminals have bigger fish to fry.  This couldn’t be more wrong!  Hackers that use ransomware also target SMBs because they are less likely to have controls in place to protect, detect, and prevent these attacks.

Imagine you go into your office on Monday morning, and you realize all of your systems are locked with a ransom note demanding $250,000 … how long could your business survive? A month, a week, days, hours or minutes?

Best case scenario … you have good, reliable backups.  Now you have to take the time to rebuild your systems, restore your data and bring your applications back online.  That could take weeks!  

Worst case scenario … you have no other option but to pay the ransom.  Now you have to negotiate a ransom and then convert a large sum of money into bitcoin.  Do you know how or have the ability to do that quickly?  Once you receive a decryption key, it can take weeks to restore the data.  Even after restoring, you run the risk of having some of your files corrupted.

After your systems are back online, then you have to worry about your information being released on the dark web. There’s no guarantee … they are criminals after all!

Tune in to our weekly podcast, :60 Second InfoSec, as we focus on ransomware for the month of June. 

Find out how we can help protect your business from ransomware by calling 833-ALPHA-ONE or 334-245-3125.