Many of the large attacks you hear about in the news these days have to do with ransomware.
For example, in May, the largest global producer of beef and pork, JBS, had to shut down facilities in the U.S, Australia, and Canada for several days due to a ransomware attack on its network. If it seems like ransomware is getting worse, it’s not your imagination. It’s become more dangerous in just about every metric, including attack volume, remediation cost, and the average ransom demand.
In 2020, ransomware attacks rose 485% globally. There was also a disturbing increase in Singapore, with the number of reported ransomware cases more than doubling in 2020 as compared to 2019. Ransomware is one of the most devastating attacks for small business technology as well as the IT infrastructure of larger organizations. As soon as ransomware is unleashed, it begins encrypting data on computers, servers, cloud storage, and anywhere else connected to the network. With data no longer usable, companies can’t operate. Ransomware typically results in any operations that require computers and data coming to a screeching halt. This typically shuts down most businesses until the problem is remediated. Those attacked will usually have three options:
- Restore their data from a backup after having the ransomware is removed (only viable if a company has a backup).
- Pay the attacker and hope they hold up their end of the bargain and provide the key to decrypt the data.
- Lose their data altogether and start from scratch.
Factors Making Ransomware Worse
A Majority of Companies Pay the Ransom
It’s estimated that about 60% of ransomware victims globally pay the ransom to the attackers. This reinforces the profitability of this type of attack and emboldens attackers to continue. Because of how lucrative ransomware has turned out to be, more large criminal organizations and smaller hackers alike are deploying ransomware attacks to line their pockets. It’s a popular attack type for large state-sponsored hackers because it can bring in large sums of money in a fairly short amount of time.
Companies Don’t Have a Tested Incident Response Plan
Unfortunately, many small businesses in Singapore and around the world aren’t properly prepared to recover from a ransomware attack. They make mistakes like never checking their data backups to ensure they’re recording properly and not testing the data restoration process. This causes them to pay the ransom as they see no other way to restore operations quickly. An incident response plan is a set of steps that your employees should take in the event of a ransomware attack to mitigate damage and shorten downtime. Things like immediately disconnecting all devices from internal and external connections and contacting the IT partner before doing anything else. An incident response plan should be run through regularly, so employees become proficient at the recovery steps. One of the most important of which is restoring data quickly and completely once ransomware has been removed.
Criminal Organisations are Offering Ransomware as a Service (RaaS)
Another way that large underground criminal groups have expanded the money-making potential of ransomware is to offer it as a subscription service. This is much like the Software as a Service (SaaS) model everyone is now used to. Only, these providers offer the tools needed to conduct a ransomware attack all packaged nicely for the novice. By removing the expertise needed to conduct a ransomware attack, RaaS has increased the number of attackers and the danger for companies.
How to Protect Your Small Business from Ransomware
Use a Managed Data Backup
Using a managed data backup service means that someone is always keeping an eye on your data backup to ensure all information is continuing to be copied without any problems. This removes the issues many companies face when they need to recover data only to find out they’ve don’t have it because their backup hit a problem.
Test Your Data Recovery Regularly
Some companies have paid millions of dollars to ransomware attackers even if they had a backup because they hadn’t tested the recovery process and didn’t know how long it would take. When the clock’s ticking away and your business is down due to an attack, you don’t want to trust the attacker to get your systems running again. You need to already be fully aware of and practiced on your backup’s data restoration process.
Create an Incident Response Plan
Even if you’re a small business, it’s important to have a well-practiced incident response plan. This will help you in more than just a ransomware attack. Include steps for a variety of crisis scenarios (ransomware, natural disaster, extended power outage, etc.) and have your business ready for fast recovery when the next dangerous event happens.
Continue Basic Cybersecurity Hygiene
It’s critical to adopt a culture of cybersecurity where things like using multi-factor authentication and employee phishing awareness training are part of your day-to-day policies and procedures. Many ransomware attacks are caused by a simple lack of adhering to the basics of good IT security.
Put a Strong Small Business Security Plan in Place
Protecting your small business from ransomware and other attacks doesn’t have to be expensive. Managed IT Asia can help your Singapore business with affordable cybersecurity and incidence response solutions that keep you well protected. Contact us today to schedule your free consultation. Call +65 6748 8776 or reach us online.
MANAGED IT ASIA, we are an IT Support, IT Solutioning and Managed IT Service Provider specializing in serving Small Businesses across Asia. Call us at +65 6748 8776 and let us manage your Small Business IT today!