According to the 2019 Verizon Data breach Investigations Report, malware accounted for 28% of data incidents and ransomware attacks made up 24% of all malware breaches. Here are the five biggest security concerns:
- Ransomware is on the rise even though overall Malware attacks have gone down from last year.
This is partially because hackers are getting more on target with who they want to attack. They are targeting hospitals, cities and local governments because they know that these organizations operations will come to a halt once their data becomes encrypted.
“Ransomware is currently one of, if not the largest, security threats for small businesses,” says Dave Ellis RMON Networks’ chief information officer. “Many business owners think that they’re too small for threat actors to target. Now, with current Ransomware technologies it’s much easier to go after smaller companies as they usually don’t have the same level of security in place as larger enterprises. Implementing some basic security solutions, such as multi-factor authentication, proper backups and security awareness training, will go a long way towards protecting your businesses.”
- More municipalities are getting hacked.
In August, 23 municipalities in Texas were victims of a ransomware attack. According to Wired magazine, this was a coordinated strike and is being called the largest single source ransomware attack against local government. In total, over 70 local governments have been ransomware victims so far in 2019, according to researchers from Barracuda Networks. Based on data from Malwarebytes, attacks against businesses and governments are up by 365%. This puts into perspective how important it is to implement solid cybersecurity practices within your business.
- Ransomware is easier for hackers to apply.
Ransomware is easier for hackers to implement because they can make money just by stealing/encrypting data. Other cyberattack tactics, like computer worms or Trojan viruses, take much more effort to implement. Why work harder to completely shut down an organization when you can have almost the same effect by stealing their data and holding it for a hefty ransom?
- Paying the ransom may cost less, but it is usually not the right way to go.
Business owners might consider paying the ransom because a cyberattack causes massive downtime for businesses. According to the ITIC 2019 Global Server Hardware Server OS Reliability Report, just one hour of downtime costs 98% of organizations over $100,000. You can’t service your customers while you are struggling to overcome a cyber-attack and therefore your business comes to a halt.
- If you do pay the ransom, there is no guarantee that you will get your data back either.
Do you really think the person who is holding your data hostage cares about the well-being of your business? In fact, according to howtogeek, a decryption key might not even exist for your variant of ransomware. If you’re caught in the crossfire of an attack aimed at a nation-state, or by a tool created to attack states that has been repurposed for routine criminal acts, there might be no key by design.
Because of these risks, the only way to avoid paying ransomware is to implement solid cybersecurity practices. Backing up your data is key to fending off ransomware if you do get attacked. If cyber criminals get a hold of your company information, you can just restore it through your backup, alert the proper authorities, and move on.
In general, it is important to have a solid network to ensure that cyber criminals can’t break in and steal/encrypt your data in the first place.
Due to recent ransomware attacks against local governments – including against Strafford County in New Hampshire over the summer — the U.S. Department of Homeland Security released a guide with 5 actionable steps to protect yourself from a cyber-attack. Below is their list.
- Back up your data, system images, and configurations and keep the backups offline.
- Update and patch systems.
- Make sure your security solutions are up to date.
- Review and exercise your incident response plan.
- Pay attention to ransomware events and apply lessons learned.
According to Cybersecurity Ventures, by the end of 2019 ransomware is expected to attack a business every 14 seconds. That is a scary statistic. This form of malware is easier for hackers to implement which is why attacks are increasing. The best way to keep yourself safe from ransomware is to back up your data.
Tim Howard, the owner of RMON Networks, can be reached at thoward@rmonnetworks.com.