In the past 12 months, 20% of small and medium businesses (SMBs) in the US reported a ransomware attack according to a survey commissioned by Bitdefender, a security technology company. The survey participants were 250 IT professionals at SMBs. Sadly, of that 20% of SMBs, close to 40% said they paid the ransom but were not able to recover their data.
The ransom amount was an average of $2,423. There are reports of ransoms being significantly raised, if the data is highly valuable, such as medical records. Ransoms of $10,000+ have been demanded in some instances.
The volume of attacks continues to increase. Ransomware attacks on businesses grow 50% in 2016. The 2017 Verizon annual cybersecurity report stated 61% of targeted companies have fewer than 1,000 employees.
The main cause of infection continues to be phishing emails. Another significant cause is USB drives used. Ransomware can be easily transported from a home computer to a business network using a USB drive.
What Your Business Should Do
Back up, back up, and back up. Do it frequently, as least daily for data that changes quickly and even several times during a day if your critical data changes that frequently. Be redundant in your back-ups. Having several copies, stored in different locales such as on site, off site and in a cloud can provide peace of mind when a file doesn’t restore correctly.
If you have employees that work remote or at home periodically, install secure communications protocols such as a VPN or a business file share system.
Prohibit employees connecting personal devices to their work computer.
Continually remind employees to not open suspicious emails or attachments.
About the Author - Carolyn Schrader is a seasoned cybersecurity professional and founder of the Cyber Security Group Inc., providing corporate cybersecurity services to high profile clients.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!