71 % of ransomware attacks in 2018 targeted small to medium-sized U.S. businesses.
Although this statistic alone exhibits the severity of ransomware attacks, most businesses are unaware and ill-equipped to deal with a ransomware attack. Ransomware is a malicious software, also known as malware, that prevents people from accessing their own data from personal devices. Hackers use businesses’ data to extort them to send money in exchange for access to their data. If businesses refuse to give money for their data, hackers can threaten to erase data or sell it on the dark web. This can be extremely problematic especially if your business has sensitive client data in addition to your business’ data.
Ransomware can affect businesses in several ways. The first and most apparent aftermath of ransomware is the halting of normal business operations. When a ransomware attack happens, it usually becomes the main task of your business to restore normal business operations. This is costly and stressful because more than 60% of ransomware attacks demand over $1,000 and 20% of the attacks demand $10,000 or more; globally, 40% of attacked businesses ended up paying ransomware demands. Unless your business has significant savings, these demands can cripple your business in the short-term. In addition to the financial cost of the attacks, it takes IT teams 9 hours on average to remediate a ransomware attack.
So how can your business protect itself from ransomware attacks?
First, the most basic and actionable step is to backup your business' data. Backing up data is essential against ransomware attacks because it allows you to retain at least some of the data that was stolen. If you backup your data frequently, a ransomware attack’s effect can be minimized to a few weeks to a month’s total loss of data. Also, you can educate your employees about ransomware. Education of your staff is one of the best investments you can make against ransomware because your staff become your first line of defense. An educated workforce will make it highly unlikely for a ransomware attack to cause significant damage. Implementing and creating a security incident response and business continuity plan should be a priority. Having your employees know what course of action to take after an incident like a ransomware attack can shield against significant loss and do what’s necessary within the first hours of an attack. Contacting law enforcement should be an additional action after implementing your security response plan. Cybercrime is still crime and reporting the incident to law enforcement can help you regain any data that can be salvaged by law enforcement. Having the report can also be an aid for any legal ramifications that can occur after a ransomware attack.