Over the July Fourth weekend, a cybercrime operation infiltrated a network-monitoring tool powered by software company Kaseya, taking hostage 800 – 1,500 small and medium-sized business files. REvil, the operation responsible for the attack, demanded $70 million to release the files.
Ransomware attacks have risen significantly over the last few years, and remote workforces are at least partially to blame. Working outside an office can weaken cybersecurity protections. Infiltrators are also hitting companies that are higher up in supply chains to reach more businesses at one time. In 2020, the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) received close to 2,500 ransomware complaints with losses of over $29.1 million.
How does ransomware work?
Ransomware is malicious software or malware that prevents access to your computer's data. There several methods for malware to make its way into a business’s computer system. A few of the most common tactics include:
- Phishing emails target a company by attaching malware to an incoming message. If the receiver opens or clicks the included link, malware enters the system. Cybercriminals then have access to the system’s information and can hold it hostage.
- The Remote Desktop Protocol (RDP) links computers over a network connection. Using trial-and-error to obtain user credentials, or simply purchasing those on the darknet, hackers gain unauthorized RDP access to exploit systems and download ransomware.
- Software vulnerabilities allow cybercriminals to take advantage of security weaknesses in software programs and gain access to the company's system.
Could ransomware attack my small business?
Absolutely. According to the Cyber Readiness Institute, more than half of all organizations have experienced an online security breach, and two-thirds of small and medium enterprises (SME) who encounter a cyberattack fail to recover. Cybersecurity needs to be a priority for every company, regardless of size. Starting with a cybersecurity plan is the first step.
Here’s how to get started:
- Assign a cyber readiness leader.
- Train employees on basic security practices and how to spot phishing emails.
- Require unique passwords or, even better, a passphrase, and require resetting the password frequently.
- Use multifactor authentication, including security questions, a code sent to another device, a separate app, biometrics, or GPS location.
- Make sure your software is updated, your firewall is enabled, and set antivirus software scans automatically.
- Back up data to a separate location frequently.
- Establish appropriate internet use guidelines for your staff.
- Create user accounts for each employee and give administrative privileges only to trusted vital personnel.
- Have a remote workplace policy.
With cybercrime expected to hit $6 trillion this year, securing your company's data should be a high priority. For most small businesses, having a dedicated IT employee isn't feasible; outsourcing your IT to a reputable, trustworthy company is a solution. Start your search at bbb.org.