Ransomware Insights and How You Can Prepare Your SMB

We’ve heard countless stories of ransom attempts on organisations like Garmin, the NHS, and Kaseya during the last five years. Despite the fact that major firms are more likely to be targeted due to their higher sales, SMBs can still be impacted. Here are some of our thoughts on the recent issue of ransomware and how you can be prepared to safeguard your staff and customers.

What is Ransomware, and how does it work?

Simply put, ransomware is a virus that encrypts your data and stops you or your customers from accessing it until you pay the ransom.

Industry Insights
Since the start of the COVID-19 pandemic, the number of cyber-attacks has drastically grown, with criminal organisations taking advantage of the panic. This has resulted in a significant increase in the average ransom money sought, which has risen from $5,000 in 2018 to more than $220,000 in 2021!

The actual cost of ransomware is not simply monetary; downtime, lost work hours, and reputational harm are never fully measurable. Consider Garmin and the tremendous reputational harm that their ransomware assault caused, with pilots all around the world unable to fly due to the loss of their navigation equipment.

In July 2021, a criminal organisation called REvil attacked Kaseya, a well-known IT software management business, with the goal of hacking their product and gaining access to many MSPs and their customers. The reputational damage caused by REvil has led thousands of trusted MSPs worldwide to feel vulnerable and at risk.

Lastly, the Colonial Pipeline was targeted this year, with a ransomware attack bringing down the largest gas pipeline in the US. The hackers demanded a $5 million ransom, which Colonial agreed to the next day. Although the crisis was avoided, people became concerned about a fuel shortage and started to panic buy fuel.

The above examples demonstrate that coordinated ransomware assaults cost much more than simply monetary value, therefore it is essential to be prepared for an attack and have the appropriate failovers in place for recovery.

How Can You Prepare?

Put together an Incident Response Plan

This will guarantee that all company stakeholders understand what to do in the case of a cyberattack. You will cover everything from incident detection and response to how to communicate the events that follow.

Backup your data & secure your backups

The most essential aspect of every firm is its data. Without backups, the only method to recover data after a ransomware attack is to pay the ransom. It is best practise to test the backup and recovery processes in order to reduce the effect of data loss and speed up the recovery process.

Use security software and ensure up-to-date

Though not to be solely relied upon, having a robust end-to-end security solution at the forefront of your network is crucial.

Employee awareness

The most common entry point for ransomware is via a malicious link or file, typically sent in an email and opened by a user. Ensuring all your users are aware of what they should be looking for is key to mitigating the risk.

Would you like to learn more?

Let us know what you would like to hear about from our Cybersecurity experts.