We’ve all seen movies where a couple of thugs in trench coats walk into a store, take a look around and say something like, “Nice place you got here, shame if something were to happen to it.” Many people might think the days of extortion went away with the end of mob-run New York and Chicago, but it’s still alive and well on the internet — in the form of ransomware.
To make things worse, as the world has been buckling down with the COVID-19 pandemic, hackers have been working overtime to take advantage of lax cybersecurity. But before we get into how to protect your company from ransomware threats, let’s see how we got here.
Understanding the Problem
For those unaware, ransomware is a form of computer virus that allows a hacker to enter your system and lock you out of every file and program you use. Then, out of the goodness of their hearts, the hackers give you two options: pay them a set amount of money or lose access to everything forever.
Ransomware has been around for decades (and we’ve written many blogs on the topic) but it has proliferated exponentially in recent years. The main reason for this is because it works. Merely stealing your information and then selling it can make them money, but not nearly as much as ransoming that same information to its rightful owner.
Ransomware attacks are still a growing industry. It is only getting easier for hackers to attack companies. Veeam reported that 85% of organizations suffered at least one cyber attack in the last 12 months compared to the 76% from the previous year. Additionally, Forbes magazine recently stated that 80% of organizations pay ransom demands. With that kind of success rate, it’s no wonder why hacking is a growing industry.
Cyber Extortion Trends Are Changing
Backing up data is a well-known and often successful way to combat being a victim of a ransomware attack. However, cyber criminals have become more creative to ensure that backups are less effective. In their 2023 Ransomweare Trends Report, Veeam said that bad actors targeted the backup repositories in at least 93% of the attacks in 2022. Having the right kind of backup system in place could be the difference between losing backup capability in a ransomware attack or being able to recover critical data.
Another method hackers use is a triple extortion attack. In these attacks, cyber criminals ask for a ransom from the company compromised, but then also extract data and use it to threaten vendors and clients who they have data on. Even if a company can recover their data without working with the cyber criminals, the data extracted becomes a powerful tool for hackers to gain money from other affected sources.
Unfortunately, there is never a guarantee that the hackers will return the information. Some will ask for additional payments and then still withold the information after multiple payments have been received.
The New Frontier
The Covid-19 pandemic taught us that we don’t need as many people in the office or even at the factory as we thought we did. Automation or remote workers can managed a lot of work and keep the business running. That means that our businesses can become even more efficient than ever before. It also means that if a hacker were to get into your system, the damage can be even more devastating.
With the way businesses are depending more and more on technology, your entire business can grind to a halt from a single bad decision someone took when opening the wrong email.
Lighting Can Strike Twice
Imagine your company has been a victim of a ransomware attack and the crisis passes. Perhaps you paid the hacker or were able to gain access to your system again some other way. Now imagine that life has gone back to normal until one day the unthinkable happens: you get hacked again with a ransomware demand.
Sadly, this is not a one-off situation. In fact, not only can this happen to a single business, but it can happen to multiple parts of an organization. One of the most famous examples of this is when a single school is hacked, then multiple other schools in the same district get hit with the same ransomware, one by one.
The reason this is somewhat common in the tech world is that organizations can have similar (or identical!) safety protocols across the board. It’s a lot less work for a hacker to work this way than to go search out other targets every time they want a hit. However, we all know one of the biggest reasons we’re unprepared is because we all think it can’t happen to us. The harsh reality is that’s what all the businesses who were hit thought, too.
What Can You Do?
While it’s true that hackers are getting more sophisticated every day, the majority of their attacks are opportunistic. Hackers take the path of least resistance, so if they can enter your system by Carol in accounting falling for a phishing scam, or if your IT department did not update their protocols after a previous attack, they’ll take that route.
That’s where we come into play. With aMSP to work on your behalf, you don’t need to worry every time someone logs into your system. And why should you waste all that time? You can focus on growing your business instead of worrying over IT with an MSP. By having us go over your current system and helping you implement a better one, you stand a much better chance when criminals come for your data. Contact our team to learn more about how you could benefit from working with our team.