Ransomware is a type of malicious software that encrypts files on infected servers and computers. It forces companies to pay ransom to the hacker who created it to get a decrypt key. Unless you have a real-time backup of all of the drives on your network, you may have no choice but to pay the ransom to regain access to your files.
How can ransomware infect your network?
Because many small businesses don’t have adequate policies and safeguards in place to protect their networks, ransomware can find many open doors to infect computers and the networks that connect them:
- Spam email campaigns may contain malicious links or attachments (in particular, links are easy to disguise and most people don’t hesitate to click on them).
- Internet traffic redirects to malicious websites.
- It exploits vulnerabilities on software that’s installed on computers and servers to infect them.
- Legitimate websites that have malicious code injected in their web pages.
- Advertising campaigns that contain malicious code, which is activated when you click on them.
- Self-propagation, in which ransomware looks for unprotected devices and “jumps” from one computer to another on the network.
- Often, it uses sophisticated techniques to hide itself from virus detection and malware protection software.
How much damage can ransomware do?
Here are some of the most common ways ransomware can attack:
- It usually uses unbreakable encryption; that means you can’t decrypt the files on your own
- It has the ability to encrypt nearly any kind of file.
- It often scrambles your file names and changes their file extensions.
- Often, the ransom payment has an escalating time limit. For example, if you pay the ransom within 24 hours, it will cost you $500. After that, the ransom may double to $1,000. If it isn’t paid by the deadline, the ransomware may destroy the encryption key – which means you will be permanently locked out of your files. This scheme increases the level of urgency to pay to get access to your data – or risk losing it forever.
- It may recruit the infected PC to further spread the ransomware to other computers on your network – and beyond.
- It may extract critical user data from your computer, such as your network login and email address, which may be used to commit other crimes.
- New ransomware is being released by cyber-criminals at an accelerating rate, with continually expanding capabilities. That makes it a moving target for network administrators.
Why ransomware targets small businesses
- Ransomware is uniquely engineered to spread over nearly any type of computer and network, including servers and cloud-based file-sharing systems. That means it can strike deep and cause widespread disruption of your business operations.
- Most businesses are concerned about bad publicity affecting their reputation with customers and other groups of constituents; as a result, they often don’t report ransomware attacks.
- Frequently, small businesses are unprepared to deal with sophisticated cyberattacks. Often, lax “bring your own device to work” policies can expose small firms to even bigger threats.
Are you at risk? Definitely!
Ransomware isn’t some obscure threat that only happens to other companies. One look at recent ransomware statistics shows that your chances of experiencing such a cyberattack are actually quite high:
- Ransomware attacks skyrocketed by a whopping 550% from 2015 to 2016, with small businesses targeted at an increasing rate, according to Kaspersky.com.
- Nearly 50 percent of organizations said they were hit with ransomware attacks in 2016, according to Malwarebytes.com.
- According to a recent survey conducted by Barkly, less than half of ransomware victims fully recover their data, even with backup.
- There has been a 600% growth in new variations of ransomware since December 2015.
What can you do to protect your company?
First, educate your employees. Teach them how to detect phishing campaigns, suspicious websites and other online scams. Encourage them to use common sense: If it looks suspicious, it probably is.
Second, adopt a comprehensive backup strategy for all of your files. This ensures that if any network or local drives are compromised, they can be quickly wiped and restored using up-to-date backup copies.
Third, fileshare permissions should be configured on the network to allow only users that access to the files. Curate Active Directory group assignments on a regular basis.
Ransomware is 1 of 5 serious network security threats affecting small and medium-sized companies today.
Read all about the 4 other serious network security threats in our FREE special report: "5 major network security threats you cannot afford to ignore". Download now