Of all the types of malware, ransomware is notably dangerous for small businesses. Not only has this cyber threat been on the rise, it prefers to zero in on smaller companies, as they are the easiest targets.
Why Should My Small Business Worry?
If your business has not already been the target of an attack, consider yourself fortunate — but don’t pat yourself on the back quite yet. Hackers have found ransomware to be particularly lucrative. They introduce the malware into a system (usually through a phishing email), encrypt the user’s data so that it is unreadable, and demand a ransom in exchange for a decryption key. While larger attacks like those on municipalities, hospitals, and large corporations tend to get the most media coverage, the fact is that small businesses are targeted in 71% of ransomware attacks.
Small businesses tend to be lax about their tech security, leaving them open to these costly attacks, which bring days of downtime and expensive ransoms. With an average ransom demand over $100,000, the level of impact on small businesses from ransomware can’t be overstated. The majority of outbreaks are still caused by employees clicking on infected emails or ads, but these attacks are quickly becoming more sophisticated, so the threat continues to evolve.
The average cost of a ransomware attack and recovery for a small business is $133,000. Not all cyber insurance policies will cover this loss, and if you only have a cyber endorsement added on to your business policy, the odds are even higher that you are out of luck when facing this type of attack.
How Does Ransomware Get Into My Network?
Ransomware can spread in different ways, but the following are the most common:
- Visiting fake or unsafe websites
- Opening emails or email attachments from unknown sources
- Clicking on suspicious links in emails or on social media
What Does Ransomware Do To My System?
There are two main types of ransomware that can hold computer systems hostage:
- Lock-screen ransomware works by displaying a window on the computer’s lock screen that attempts to prevent access to the computer. The message on the lock screen may even claim to come from the federal government, accusing the user of violating a law and demanding a fine.
- Encryption ransomware works by keeping the computer available but encrypting certain types of files, thus making them unreadable. The files most commonly affected are those that include sensitive information and are assumed by the hacker to be of the most value. When people try to access the files, they then see a pop-up screen that instructs them to buy a private decryption key that can decrypt the scrambled files.
What Should I Do When This Happens To My Organization?
Some operating systems provide instructions for responding to lock-screen ransomware, although results aren’t guaranteed. In contrast, encryption ransomware has no quick fix without the decryption key, which typically only the hackers have access to.
Regardless of the type of ransomware, experts recommend against paying the ransom. After all, there is no guarantee that you will regain access to your computer, network or files after you pay. Furthermore, by paying the ransom, you could be encouraging future cyber crimes.
If your business is affected by ransomware, take the following steps:
- Report the event to your local FBI office.
- File a complaint with the Internet Crime Complaint Center.
- Restore file backups, if you have them.
- Check your insurance coverage to see if it covers the costs of ransom money paid and lost business.
Does My Business Insurance Cover This?
Not necessarily. If you have an endorsement on your policy to address cyber attacks, you are most likely not covered through insurance. Should you be lucky enough to have that included, the amount included in that endorsement is most likely not enough for you to fully recover from the attack. The only time insurance would cover against this risk is through a stand-alone cyber policy that includes ransomware in its covered perils.
How Do I Protect My Business?
Cyber extortion from ransomware is a legitimate threat to all businesses—no matter the size. The best method of prevention is to keep confidential information and important files securely backed up in a remote location that is not connected to your main network.
In addition to backing up your files, taking the following prevention measures can help keep your information secure and prevent you from becoming a victim of cyber attacks:
- Teach your employees about ransomware and the importance of preventing it.
- Show your employees how to detect suspicious emails and attachments. For example, watch for bad spelling or unusual symbols in email addresses.
- Develop a protocol for reporting incidents of ransomware and other suspicious cyber activity.
- Develop a schedule for regularly backing up sensitive business files.
- Update your company software as soon as new updates are released. In doing so, you can patch the security vulnerabilities that cyber criminals rely on, and avoid becoming an easy target.
- Purchase cyber liability insurance that not only helps you respond to threats, but can also help cover the cost of the ransom and any other losses incurred as a result of cyber extortion.
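To illustrate the tip above about bad spelling and unusual symbols in email addresses, the following Python example (added here, not part of the original article) flags sender addresses that contain non-ASCII look-alike characters, punycode labels, or near-miss spellings of domains you trust. The trusted-domain list, function names, and sample addresses are constructed assumptions.

```python
import unicodedata

# Assumption: domains this business really corresponds with (constructed values).
TRUSTED_DOMAINS = {"example-insurance.com", "examplebank.com"}

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of trusted domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(address):
    """Return the reasons a sender address looks suspicious (empty list if none)."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        return ["not a well-formed address"]
    domain = domain.lower()
    reasons = []
    # Unusual symbols: non-ASCII characters such as Cyrillic look-alikes of Latin letters.
    odd = sorted({c for c in address if ord(c) > 127})
    if odd:
        names = ", ".join(unicodedata.name(c, "UNKNOWN") for c in odd)
        reasons.append(f"non-ASCII characters: {names}")
    # Punycode label: the ASCII form in which an internationalized domain is transmitted.
    if any(label.startswith("xn--") for label in domain.split(".")):
        reasons.append("punycode (xn--) domain label")
    # Bad spelling: one or two edits away from a trusted domain, but not identical.
    if domain not in TRUSTED_DOMAINS:
        for trusted in sorted(TRUSTED_DOMAINS):
            if 0 < edit_distance(domain, trusted) <= 2:
                reasons.append(f"looks like a misspelling of {trusted}")
    return reasons

if __name__ == "__main__":
    # Constructed sample addresses; the xn-- label is illustrative, not a real encoding.
    samples = [
        "billing@examplebank.com",
        "billing@examp1ebank.com",        # digit 1 in place of the letter l
        "billing@ex\u0430mplebank.com",   # Cyrillic "a" in place of the Latin "a"
        "alerts@xn--exmplebank-abc.com",
    ]
    for s in samples:
        print(ascii(s), "->", check_sender(s) or "no flags")
```

An empty result does not make a message safe; the check covers only the sender address, not links or attachments.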
If you aren’t sure how vulnerable your business is, obtaining a Free Vulnerability Assessment and Dark Web Scan is quick and easy. We partner with multiple best-in-class Cyber Insurance Carriers, making sure you are going to survive an attack with minimal loss and inconvenience.