Security: SMBs are the new target for Ransomware threats

Ransomware is one of the nastier forms of malware out there—and its use is on the rise.

Ransomware is an illicit program that locks your computer and demands that users make a payment—usually in Bitcoin—to an anonymous server in exchange for the computer’s release. This type of extortion attack can be delivered via email, website, or by code embedded in ads. They can run on desktop PCs, laptops, and even mobile devices.

The problem has gotten so bad over the past few years that organizations such as the FBI have taken note and put out a global call for awareness, particularly for those at most risk for attack.

SMBs: Prime Targets

In a ransomware report conducted by Symantec, businesses were the target of 42 percent of all ransomware attacks during the first six months of 2017. And a separate report by Kaspersky showed that one in five SMBs that did end up paying the ransom never got their data back.

In short, SMBs face the greatest risk because hackers are cowards. They look for the systems least likely to detect them. Enterprise-level organizations generally have advanced security systems and protected infrastructure that ransomware can’t match, but SMBs, non-profits, and other small organizations don’t have it so easy.

And businesses can’t rely on the cloud for protection, either—public clouds are less secure than many realize, and cloud service providers often take no responsibility for damage to their customers’ data.

Fight Back Against Ransomware

The prognosis looks grim for companies that can’t afford costly malware attacks. But according to the above FBI release, all users can begin fighting back by following certain best practices:

• Update and maintain antivirus programs on all devices;
• Enable automated patches for every OS and web browser;
• Be cautious about which programs are run/opened on devices; and
• Check for unsolicited emails, even from contact list members, and never open attachments embedded in the email itself.

Of course, business users need to go further with dedicated business continuity plans with built-in strategies for disaster recovery. Remember, many SMBs never get their data back, even after they pay. It’s up to the business in question to continually backup its assets through a secure service provider and ensure that their organization is protected from outside threats—no matter where they come from. This is the crux of data security, and possibly the only way that SMBs can protect their companies from ransomware.