Ransomware is a type of malware that prevents or limits businesses from accessing their data and/or systems, either by locking the system’s screen or by locking files until a ransom is paid. More modern ransomware families, collectively known as crypto ransomware, encrypt certain file types on infected systems and force businesses to pay the ransom through certain online payment methods to get a decryption key.
Did You Know?
Globally, ransomware attacks increased exponentially in 2020, with attacks increasing by more than 485% from 2019 and average ransomware payments rising 33% in 2020 to $111,605. Remediation costs, including business downtime, lost orders, operational costs, and more, grew from an average of $761,106 in 2020 to $1.85 million in 2021.
How It Can Happen
An employee of a retail store clicks on a malicious link in their email and inadvertently downloads malicious software, encrypting all data stored on the company’s network, and thereby disrupting operations. To unlock the encrypted data, a demand for $1M in crytocurrency must be paid within 48 hours to the hacker, or the data will be lost.
Security Controls to Protect Against Ransomware
- Since ransomware is difficult to detect and fight, different protection mechanisms should be used. The most important action a small business can take is to provide employee security training and establish awareness. Empowering your employees with knowledge is the best defense to ransomware.
- Proactive endpoint security solutions can assist in preventing ransom attacks by enhancing the security posture of your business.
- Businesses should back up their data and keep an appropriate recovery process in place. Ransomware will target on-site backups to install an encryption key, therefore businesses should ensure that all backups are maintained securely offline and independently from their onsite backup.
- Businesses should update user awareness and training manuals and procedures for employees on a regular basis.
- Businesses should conduct proper patch management and review which services may be vulnerable to hackers.