Over the past few years, cyber criminals have significantly ramped up their efforts in targeting small and mid-sized businesses with cyber extortion attacks. Using ransomware malware and compromised confidential data, they attempt to force their victims into paying large ransom payments.
Whether or not such a payment goes through in the end is practically irrelevant. What is important is that smaller companies in particular still need to up their game when it comes to cybersecurity. Cyber attacks like ransomware are happening across every sector, targeting organizations of all sizes and structure.
Even football is not immune. Just last month, Manchester United was the target of a cyber attack on their systems. Though the club has stated that it “has taken swift action to contain the attack,” it’s been widely reported that it was a sophisticated cyber extortion campaign that caused significant internal disruption.
According to latest European State of the Channel Ransomware Report, a survey of over 150 managed service providers (MSPs) working with SME clients, the negative impact of ransomware is on the rise. Here are a few key findings:
• Ransomware is the most prominent malware threat. In 2019, 83% of MSPs report ransomware as the most common malware threat to SMEs.
• 61% of MSPs reported attacks against clients, in the first half of 2019 alone. 19% of MSPs report multiple ransomware attacks in a single day.
• The average ransom requested by hackers is increasing. MSPs report the average requested ransom for SMEs is €2,300 / £1,990.
• Downtime costs are up by 300% year-over-year. The cost of downtime is 53 times greater than the average ransom requested in 2019.
In this article we’re going to tell you everything you need to know about ransomware: what it is, why it’s so prevalent, and how you can protect your company’s network against it.
What is Ransomware?
Ransomware is a type of malware that encrypts files and documents within a network. It can target a small part or section of a network or the whole system, including the servers. Victims of a ransomware attack are then presented with a message informing them that they must make a payment, usually in Bitcoin, in order to release their data. This message is often accompanied with the threat of a public release of the organization’s sensitive data.
The victims of a ransomware attack are generally left with few options. If there is no decryption key available, they can either regain access to their encrypted network by paying the ransom or try to restore their system from backups.
Ransomware attacks tend to start in one of two ways:
1. Someone within the organization clicks on a link or an attachment. When opened, it initiates a download of the malicious software which then proceeds to encrypt the network.
2. Larger ransomware campaigns exploit software vulnerabilities or hacked user credentials to gain access to an organization’s network. In this case, the cyber attackers will search through the network for valuable data and encrypt as much as they can.
Often, affected organizations will not even know that their network has been compromised. Advance attackers will stealthily move across the network to ensure that everything possible can be encrypted before the ransomware attack is launched.
Why is Ransomware So Common?
Ransomware is effective precisely because there is a general lack of awareness and understanding regarding how to protect data from modern threats. It is commonly believed that technology, such as SSL and firewalls, will protect data from hackers. But, the reality is that it only protects the perimeter of your network from unauthorized access. Once a cyber criminal compromises any part of the perimeter, the data is then easily accessible.
Even in the instance where an SME is deploying additional cyber crime detention and prevention systems to recognize, contain and block suspicious activity within their network, the fact remains that the data itself is not being properly protected.
Should a hacker succeed in compromising these cyber security solutions, the data is then a “sitting duck.”
How Can You Protect Your Data from Ransomware?
But, there is a solution to this problem already on the market.
Cy4Secure from Bonafeyed has developed new approach to data protection that is a real game changer in cybersecurity. What makes this solution so unique is it’s focus on protecting the data itself via 800-bit encryption, multi-factor authentication, and password-less data cryptography. This renders data unusable to hackers even if they manage to get their hands on it. Plus, Cy4Secure operates in the background with no effect on user workflows.
Cy4Secure goes beyond simple file encryption by protecting data within a database or CRM, ERP, accounting, cloud storage, collaboration applications, or traditional office applications, and messaging systems. It also automatically secures data placed in backups or archives and continues to protect data after it is sent to devices outside of the network.
What all of this means is that your data is protected even while IT works to fix vulnerabilities in perimeter security. It’s safe even if your cyber security controls fail to prevent, detect, or contain a breach. You data is also protected when it is lost, stolen, abandoned or forgotten. In all cases, your data remains secure and inaccessible.
On top of this, Cy4Secure can be deployed in minutes and is fully automatic. Protecting your club’s valuable data from the threat of ransomware is as easy as pressing a button.