Community
Ransomware attacks are on the rise and small businesses are on the menu. The 2023 State of Ransomware report from Malwarebytes Labs finds that the United States saw 1,462 attacks between July 1, 2022, and June 31, 2023. This accounted for 43% of all ransomware attacks around the world, with these attacks doubling in frequency between January and June 2023, compared with the previous 6-month period.
While the Vacant Land Scam and Business Email Compromise may be -- and should be -- top of mind for most small-business owners and employees, ransomware must also be on the threat radar. School districts were among the top ransomware targets in August 2023, in part because criminals have shifted their focus away from large corporations with strong protections and toward public and private organizations with heavy third-party dependencies and softer cyber security.
When Are You Most Vulnerable to Ransomware Attacks?
Note that the question is not, "Who is most vulnerable," because criminals are actively looking for the softest targets available. It does not matter what you do or in what sector. If you have user data or online systems that are critical to the operation of your organization, ransomware hackers have their eyes on you. You are particularly vulnerable if criminals believe you will pay their ransom to get your systems back online quickly, or if they believe you will not contact law enforcement out of a fear of reputational harm. Couple one or both of those realities with a lot of external vendors, off-the-shelf software and poor password protections and you can expect hackers to come after you.
Ransomware attacks begin with a hacker gaining enough access to your systems to install software. There are a few methods criminals use to achieve this:
Determined hackers may also use less-sophisticated methods to gain access to your systems if they know where to look. Credential Stuffing, where hackers attempt to use passwords stolen in other online breaches; Credential Spray, which involves matching known usernames with a variety of common passwords, and Brute Force, where criminals use automated systems to flood a site with username and password combinations, are among the techniques hackers may attempt.
Ransomware Attacks Are Rarely Immediate
One key aspect of ransomware attacks has changed: hackers seldom install their malware right away. Instead, hackers will loiter in your compromised systems for a period of time. They may attempt to gain access to other systems, or they may make small changes to see if you are paying attention. In some cases, hackers will wait until a period when you are particularly vulnerable, such as the start of a new school year or an active business cycle, so that their attack causes the greatest disruption possible.
The period between criminal access and ransomware deployment is your opportunity to stop the attack, but this will only happen if you are vigilant and have the right monitoring systems in place.
You can stop ransomware attempts in their tracks if you have the right monitors in place, and if someone is watching them. Your systems should be set up to send automatic alerts when they detect anything unusual, and you should have protocols in place to follow up on these alerts.
How to Mitigate and Respond to Ransomware Attacks
Sophos reports the average ransomware payment in 2023 as $1.54 million. The mean recovery cost was $1.6 million if the ransom was not paid. Every employee and organizational leader should be aware of these numbers. The days of swatting away hackers with a few thousand dollars in Bitcoin are over. Ransomware is a big-money business for criminals, which is why attacks continue to rise.
There are a few things you can do before and during a ransomware attack to protect your data, your systems and your business:
As always, the best protection is prevention, and the key to prevention is cyber security employee training alongside strong cyber security practices and protocols.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Arthur Azizov CEO at B2BINPAY
20 December
Sonali Patil Cloud Solution Architect at TCS
Retired Member
Andrew Ducker Payments Consulting at Icon Solutions
19 December
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.