Ransomware has been wreaking havoc on businesses and organizations worldwide, with a recent spate of high-profile incidents making headlines. But regardless of whether you work in IT or are an executive charged with protecting your organization’s systems, it can be challenging to separate fact from fiction when it comes to an understanding of what ransomware is and how easily it can infiltrate even well-prepared networks.
In this blog post, we want to debunk some common myths about ransomware threats that vastly underestimate its real-world capabilities - and show why those misconceptions could put organizations at risk if not taken seriously.
In this blog, you will find:
🤔 What is a Ransomware Attack in plain English?
🚨 Why Is Ransomware So Dangerous to Organizations?
⚠️ Ransomware Attacks Impact Organizations of All Sizes
🔒 3 Common Myths About Ransomware
🏢 Myth 1: Your Company Is Too Small to Be Targeted
🛡️ Myth 2: Your Antivirus and Firewall Are Enough Protection
🧑🏽💻 Myth 3: Your IT Department Has the Expertise and Tool
What is a Ransomware Attack in plain English?
A Ransomware assault is a cyberattack in which the attacker infects the victim's computer system and encrypts their vital data, rendering them unavailable to the victim. The attacker then requests a ransom for the decryption key, which is required to restore access to the encrypted data.
Ransomware attacks can be incredibly disruptive and expensive for individuals and companies, which is why it's essential to implement adequate cybersecurity measures to avoid them.
Why Is Ransomware So Dangerous to Organizations?
In 2023, ransomware continues to be a significant threat to companies as they struggle to protect their sensitive data from cybercriminals.
According to AGG, "in just the first half of 2022, there were 236.1 million ransomware attacks worldwide". Ransomware attacks have become more sophisticated and targeted, with attackers holding company data hostage in order to extort hefty ransom payments.
Research from IBM revealed that the "total cost of a ransomware breach was an average of $4.62 million in 2021, not including a ransom". The potential costs of paying a ransom or losing customer data can be financially devastating for businesses.
Most common tactics for Ransomware attacks
Microsoft's Digital Defense Report 2022 sheds light on the evolving tactics of ransomware attackers and their increasing sophistication.
According to the report, the most common tactics used by ransomware groups in 2021 are credential stuffing, exploitation of open ports and misconfigured network resources, as well as leveraging established malware delivery methods such as phishing and supply chain attacks. Furthermore, researchers found that ransomware actors now also use data exfiltration techniques to increase their attacks' effectiveness.
In addition, three main factors were identified as key contributors to an organization being hit by a ransomware attack:
○ Inadequate security operations processes can increase the vulnerability of an organization’s technology environment and drastically impact the recovery time after a cyberattack
○ Feeble identity controls that result in credential theft attacks
○ Inability to implement an adequate data protection strategy that is adapted to modern cybersecurity threats
The report also highlighted how attackers target specific organizations to maximize profits. As these trends continue to evolve, it is essential for companies to constantly update their security systems or risk falling victim to these malicious actors.
Ransomware Attacks Impact Organizations of All Sizes
Some think cybercriminals mainly target companies making millions of dollars in revenue. Others believe that ransomware attacks only happen to the "big fish" (well-known companies) and that other companies can remain under the radar.
That is not the case in our world today. There is no honor among thieves.
When Toronto’s Hospital for Sick Children was targeted in a ransomware attack on December 19th, 2022, the incident impacted their "internal clinical and corporate systems, as well as some hospital phone lines and webpages."
In a surprising turn of events, LockBit, a global ransomware group, publicly apologized for the attack and offered help to unlock any compromised data.
Most stories about ransomware attacks don't end this way. Many of these incidents have left their victims with negative consequences from a ransomware attack, internal tension due to the aftermath, and lost capital.
Listen to this take on the three common ransomware myths by watching this super short video.
Related article: The Emotional Impact of Ransomware: What It Feels Like to Be A Victim
3 Common Myths About Ransomware
From thinking that their company is too small to be targeted to relying solely on antivirus and firewall protection, several myths persist about ransomware. Next we will discuss the 3 most common ones:
Myth 1: Your Company Is Too Small to Be Targeted.
Some think that their company is too small to be targeted. Therefore, their risk of being hit by a ransomware attack is reduced. Believing that ransomware attackers won't come after a small company is like thinking you won't get sprayed by a fire hose if you stand out in the rain.
The reality is that most cybercrime that happens nowadays is untargeted. They take on a comprehensive approach. It's a mass attack that targets nobody and everyone at the same time. And it's just a big numbers game.
For example, if a cybercriminal group targets a million businesses, even if only 1% of those businesses become compromised, that translates into immense value for such criminals. That 1% of compromised organizations could be small businesses, enterprises, and anything in between. Even miniaturized ransomware attacks could make up a massive portion of the criminal's profits due to the number of companies affected.
Any organization of any size can be “targeted” by a ransomware attack.
It's easy for cybercriminals to take advantage of businesses that think themselves too small to be targeted, as ransomware attacks can have an outsized impact on tiny operations with little cybersecurity protection. That is just the stark reality in our modern business world.
Myth 2: Your Antivirus and Firewall Are Enough Protection
The truth is several smaller businesses, non-profits, and government agencies still rely on traditional cybersecurity protection (i.e. antivirus and firewalls). We've seen from an evidence perspective that this type of protection is not enough anymore. It might have been enough seven or eight years ago, but so many things have changed in our IT world.
Today, your business needs to go beyond this. You need to leverage things like multi-factor authentication to protect your identity or an antivirus engineered to protect against modern cyberattacks. Many tools do this, such as Defender for Endpoint from Microsoft, Sentinel One, Carbon Black, and many more.
Related blog: Is My Company Safe From Cyberattacks? How to Protect My Endpoints?
Myth 3: Your IT Department Has the Expertise and Tools
Unless your organization has a dedicated security team, you might only have efficient employees in the essential IT elements of your daily operations and are not necessarily “true” cybersecurity experts. Even if a true cybersecurity expert is in-house, how many businesses have contingency plans in place should that key employee leave for a better opportunity?
Having a true cybersecurity expert is critical, especially at the Detect, Protect, and Respond stages of a cybersecurity framework. To protect your business, it is essential to properly set up the right tools, with processes and methodologies to signal alerts (in the Detect stage). Doing all this and more to protect your environment and detect cybercriminals that are trying to infiltrate your business is critically important.
If your business needs to react to a ransomware attack, it is essential to connect with the right professionals for expert assistance. This applies to the speed of response and more intricate responses when negotiating with the ransomware providers (if your business has been compromised).
For example, some best practices to follow to ensure that you get your “key” in the end, that you're paying a reasonable price, and that the process is also covered by your insurance (which hopefully covers cyber-attacks).
Ransomware continues to be a significant threat to organizations of all sizes; by understanding how ransomware works and the common myths surrounding it, organizations can be better prepared to protect themselves against these attacks. However, cybersecurity is a complex and ever-evolving field, so it's essential to partner with an experienced team to help you navigate this landscape and keep your data safe.
Are you looking for help with your organization's cybersecurity? Let’s talk and explore how we can keep your company from becoming a ransomware story.
Get IT news & updates sent right to your inbox 📬