Ransomware attacks are making headlines once again, and now, more than ever, is the time to make sure that you are prepared. We’ve written before about the emotional impact of ransomware, but now, a recent CTV news article has brought the financial impact of ransomware attacks to our attention. To the tune of $2.3 billion dollars in 2019… but more about that in a second!
So, Are Ransomware Attacks on The Rise?
There are a number of cybersecurity challenges out there for users today, and ransomware attacks are definitely cutting a swath of damage for businesses and end-users alike. Ransomware - a type of malware that infects computers and restricts access to data and files until a ransom is paid – is becoming far more specialized and targeted than ever before, and no business is immune from being targeted.
According to Statistics Canada, extortion cases, including ransomware attacks and other digital crimes, rose roughly 170% between 2012 and 2018, and that upward trend is continuing. The National Cyber Threat Assessment of 2018 said that “cyber threat actors – of all sophistication levels – will increase the scale of their activities to steal large amounts of personal and commercial data” – in other words, we’ll see an increase in ransomware attacks and nefarious activities happening going forward.
What Is the Financial Impact of Ransomware Attacks?
Cybercrime Magazine predicted that global ransomware damage costs will exceed $20 billion by 2021. They see ransomware as one of the fastest growing cybercrimes to date. And, in 2019, ransomware attacks cost Canadian companies alone upwards of $2.3 billion. Experts on cybercrime are estimating that each attack carries a $1 to $3 million price tag when you factor in cyberinsurance, investigation, and remediation costs.
It’s pretty clear that the financial impact of ransomware attacks is significant, but what can you do to protect yourself?
4 Strategies to Protect Yourself From Ransomware Attacks
Here are four strategies to help you make sure your organization doesn’t become another statistic.
1. Ensure you have Backup & Data Recovery in place.
Attackers who ransomware your computers and/or networks are looking for you to pay money to restore your files and data. Often, this data they’ve encrypted is critical to the day-to-day operation of your organization, so, by suddenly not having access to it, those attackers are counting on the fact that they are, essentially, crippling your businesses.
With an appropriate backup and data recovery solution, like Azure Disaster Recovery, in place, you take away the leverage that those attackers have against your business. A good disaster recovery program allows you to literally fail over to your backup and recovery program, and ensure that your recovery from a ransomware attack is almost immediate – all you need to do is scrub the system of the infection, then restore your data from your backups.
2. Invest in advanced Anti-Malware
By working with a sophisticated anti-malware program, like Microsoft Windows Defender Antivirus, you can ensure that any threats that do get through are not able to infect your system. So, even if an employee accidentally clicks on a malicious link, the anti-malware program goes to work and ensures that the ransomware attack is not successful.
3. Ensure you have protection against spam and phishing emails.
Attackers utilize phishing emails as the number one way to deliver ransomware attacks to your organization. To attackers, phishing emails are a relatively cheap way to send a number of emails to hundreds, if not thousands, of unsuspecting victims at a time – email addresses can run anywhere from a couple of cents to a dollar on the Dark Web. And, even if only a few of those emails are successful in delivering the ransomware attack, the amount those attackers are able to ask for make it a very profitable return on their initial investment.
Ensuring that you have protection against these kinds of emails, like implementing Office 365 Advanced Threat Protection, can ensure that your employees are not inundated by spammy emails, attachments and links are secure, and quarantine phishing threats before they cause your organization any harm.
4. Train your employees!
It’s no secret that your employees are the first line of defense for your organization. The more you train them, the more they are aware of what’s going on, the more they can be vigilant about what they click on and what information they share. Regular training provides employees with better understanding on what to look out for, and how to handle any potentially suspicious emails.
Don’t Let Ransomware Attacks Cripple Your Business
The various tools that we’ve discussed in this blog are a good jumping-off point for protecting your organization against ransomware attacks. And, whether you need backup solutions, disaster recovery solutions, want to explore Windows 10 or Office 365’s security capabilities, or just want some help with general ideas on how to protect your organization, ProServeIT is here with the experience you need to help protect your organization from ransomware attacks!
Our Cybersecurity Assessment is a good first step you can take in understanding your IT infrastructure’s potential cybersecurity risks, where the gaps might be at this time, and clear action steps (via a findings report with rated “must do”, “should do”, and “could do” categories) on improving your overall security posture.
Give us a shout, and let’s have a conversation around your concerns for ransomware attacks, and whether a cybersecurity assessment is a good first step – we’re here to help.