- WRITTEN BY Jorge Rojas POSTED ON December 6,2020
2020 Ransomware Data: Should I Be Worried About Ransomware?
Business and customer data is considered the modern equivalent of gold these days and criminal elements are out there ready to hold them for ransom or steal them away from you. Should you and your business be worried? Let’s take a look back at 2020 and see the pattern from all the cases of ransomware attacks.
Only a couple of weeks to go before the year finally ends. It’s hard to imagine how 2020 is anybody’s year as we’ve seen how a virus brings humanity to its knees.
While everybody was busy with putting on masks and social distancing, cyber-attacks have been plaguing businesses from all over the world. The majority of these attacks were in the form of ransomware. For hackers, ransomware is a very profitable business. So profitable that experts believe we will be seeing a cyber attack every 11 seconds with damages going up to $20 billion by 2021.
But what is ransomware and why should it matter to you? Also, if it’s really that bad, how can you possibly protect yourself? This article will talk about ransomware, its effect on businesses big and small, and ways you can protect yourself.
What is Ransomware?
In the most basic sense, ransomware is a type of malware that “locks” or encrypts files. If the victim wants access to their files again, they need to pay money – thus the term ransomware. Most ransomware includes information on how their victims can pay to get the decryption key. The costs can range from a couple of hundred dollars but there are cases when businesses get hit and the culprits demand hundreds of thousands of dollars. Another thing worth noting is that cybercriminals prefer getting paid in Bitcoin as it is untraceable.
There are a lot of ways ransomware can enter your computer. The most common method is through phishing spam – where the malware comes as an attachment to masquerade as a file you can trust. If you download and run the file, they can wreak havoc inside your device especially if the user gets tricked into giving it administrative access. There are scarier ransomware out there like NotPetya that does not need to trick users as they are injected through security holes in systems.
When it takes over your computer, the malware then encrypts the files inside your computer. There are a lot of ways to do this and different ransomware operate differently but the end result is files that can’t be decrypted without a key from the maker of the malware.
Ransomware in 2020
This year was not any different from the past years in terms of ransomware attacks. During the start of the pandemic and the succeeding lockdowns, experts feared cybercriminals will see this as a wonderful opportunity to launch a series of attacks.
Here are a couple of takeaways from this year’s attacks so far.
- The three sectors hit hardest by ransomware attacks are the manufacturing industries, professional services, and government organizations. It’s easy to see that the attackers focus on sectors that can’t handle long downtimes – which forces them to settle the ransom faster. In the manufacturing sector for example, not operating for a day will translate to millions of dollars of lost revenue.
- Aside from just encrypting your files, criminals have added publication and exfiltration of data as part of their threats. This puts businesses that handle sensitive customer information in a very precarious position. It’s a catch-22 situation wherein even if they do pay the ransom, they will still have a data breach in their hands which will translate to regulatory fines and a stained reputation. A lot of ransomware attacks in 2022 are also categorized as data breaches because of this.
- Ransom demands are increasing at an alarming rate. IBM Security X-Force, a threat intelligence sharing platform, has seen ransom demands as high as $40 million.
- Around 26% of all tracks can be traced back to a phishing email while 17% can be attributed to vulnerability exploits.
Why Should I Care About Ransomware?
It’s easy to brush off ransomware especially when you think it only targets the bigger companies and government entities or that you only become a victim of it when you do stupid things with your computer.
The reality is, ransomware is a danger to all of us. From regular folks to large businesses. While it is true that the majority of the attacks in 2020 were on entities with 10,000 employees or more, a lot of attacks are not recorded especially on smaller businesses and private individuals.
Think about it.
Can your business afford a $100,000 ransom just to get your business back on track?
How To Protect Your Business from Ransomware
As a business owner, your goal is to protect your business. But it’s hard when the terms seem like foreign languages to you. But don’t worry. There are a couple of things you can do without going too technical. Here are a few.
- A lot of ransomware attacks can be traced to phishing emails and they are usually caused by employees who unknowingly invite the malware in. Educating your employees on the dangers of ransomware and its method of attack will turn them into your first line of defense.
- No matter how hard you educate your employees, mistakes can still be made. As such, you should restrict users’ ability to run and install software on devices in your network. This prevents little mistakes from turning into a thousand-dollar headache.
- Keeping your devices and security programs up-to-date can help prevent any malware attack. While there’s no antivirus or anti-malware program out there that’s perfect, it’s tons better than having a naked device.
- Learn to do regular data backup and to prepare a recovery plan for your most important data. Keeping an offline backup of your data will lessen the impact of a ransomware attack.
Lastly, if you want to keep your data and business safe, it’s always a good choice to hire an IT team that can help you plan and implement security measures against ransomware. Getting a seasoned IT team is a smart investment especially when your business revolves around making sure your system works. A good IT partner can help you safeguard your system and to check any vulnerabilities so you won’t have to worry about waking up to a ransom note.
Tektonic is a trusted name in anything IT related in Toronto. Aside from providing managed IT services, Tektonic also excels in providing cybersecurity services for small to mid-sized businesses. Fortify your cyber defenses with Tektonik and never have to worry about losing sensitive client data ever again.
Tektonic Managed Services is an IT Support and Computer Services company serving Toronto GTA. We provide services in and around Toronto, including York Region, Durham Region and Peel Region. Businesses like yours need technology support to run highly-effective organizations. Leverage pro-growth technology services for your company now!