Ransomware Attacks are Increasing: Here’s What Businesses Need to Know
Ransomware is a well-known type of malicious software. It restricts access to an infected machine, typically by encrypting files on the hard drive, and then demands payment of a ransom in exchange for the key to decrypt the data. Symantec Corporation, the software company that develops and distributes the Norton product line, calls ransomware “the online form of the bully’s game of keep-away.” Many might remember the WannaCry ransomware attack in May 2017 – a worldwide cyberattack that targeted computers running Microsoft Windows operating systems; over 200,0000 computers across 150 countries. Data was encrypted and random payments were demanded using Bitcoin cryptocurrency. Attacks such as this one served as a major wake-up call for larger companies who have since then implemented better system patching protocols.
Rose & Kiernan, Inc. uses Beazley Breach Response (BBR) Services for a large number of our clients. Recently, Beazley reported an increase in ransomware attacks on businesses in 2018. Over 71 percent of incidents impacted small and medium sized businesses, which they attribute to a few different factors:
- Larger companies typically have better resources to implement better controls. These controls can prevent ransomware attacks or keep them from spreading.
- Smaller companies are also “less likely to have properly segmented their backups, resulting in a higher likelihood that they will need to pay the ransom to get back up and running.”
What makes effective response to ransomware challenging are a combination of different forms of ransomware and ransomware’s ability to “stop a business in its tracks.” Due to a lack of resources and protocols, when compared to larger firms, smaller businesses are more vulnerable to ransomware attacks. However, Katherine Keefe, global head of Beazley Breach Response Services, advises businesses of all sizes to have up-to-date training for all IT employees to make sure they implement necessary, important cybersecurity measures and are aware of all risks.
As a business, always remember to maintain and update your security software. Keep your operating system updated, too, and avoid running hardware or software that is obsolete; it no longer has vendor support. Beyond just training your IT employees, provide cybersecurity training to all employees and keep them informed on best practices, security alerts and potential risks. The advice provided can help protect a business from ransomware attacks.
Of course, cybersecurity insurance is important and recommended, as it helps a business recover from a security breach or other cyber event. For more information on Rose & Kiernan’s cybersecurity risk management, please contact us at firstname.lastname@example.org. Click here to learn more about cybersecurity insurance.