We’ve all seen the headlines. Scarcely a day goes by without another security breach putting an Australian organisation in the spotlight – from government family planning clinics to defence shipbuilders, and from retailers to banks, the impact has been enormous. Among the most prevalent – and the most damaging – has been ransomware, and every business, of every size, in every industry sector, should be aware of the risks and taking preventative action.
The most famous ransomware incidents in recent years involved the WannaCry attack that crippled the British health system. As surgeons were left without computers mid-surgery, chemo patients’ blood test results disappeared, and emergency departments lost access to critical health information, lower profile targets fought their own battles around the world.
Contrary to common misconception, small and mid-sized businesses (SMBs) do not fly below the radar of attackers. A Datto study shows 79% of IT managed service providers (MSPs) reporting ransomware attacks on their SMB clients in the two years to June 2018. Given the massive investment made by large corporations, it is believed that SMBs are seen as a softer target, with fewer resources, with smaller scale attacks less likely to be pursued by law enforcement agencies.
What is Ransomware?
Ransomware is a particularly harmful type of attack in which a cyber-criminal takes over a computer system and withholds access. The attacker threatens either to permanently block access to data, or to publish data, if a ransom is not paid.
While it is relatively easy to set up an attack using tools readily available on the dark web, most are the work of sophisticated cyber-crime organisations that are well-resourced. Payment is often in the form of crypto-currency, making transactions extremely hard for police to trace. In any case, based on Datto’s research, less than a quarter off attacks are ever reported to authorities. In spite of Australia’s newly introduced mandatory data breach reporting laws, many small business owners are unaware of their reporting obligations, and along with the direct result of an attack, they run the risk of expensive fines.
The Business-Defining Impact of Ransomware
Fines are far from the worst of it. Datto’s research found that worldwide, the cost of downtime as a result of ransomware is more than 10 times the amount of ransom demanded – for SMBs, an average of US $4300. That isn’t to say that a business should pay up; those acquiescing to the cyber-criminals’ demands may be putting a target on their backs.
Beyond the direct cost, reputation damage as a result of ransomware can be far reaching. When we consider the harm to major brands, in spite of access to comprehensive public relations resources, the impact has been severe. As individuals, when we give our private information, our payment details and our identity documents to an organisation, we expect them to be safeguarded. When we shop, visit the doctor, or insure our pets, we place our trust in a brand. When that trust is breached, sometimes little remains. Between direct financial impact and ongoing loss of reputation, many smaller businesses fail to recover.
Prevention, or at least risk reduction, is far better than cure. There is no single product or process that will make an organisation’s IT systems impenetrable. Rather, a careful mix must be built that presents an unattractive target.
Firstly, the priority must be placed on business continuity – how will the business continue to operate and serve its customers if disaster strikes? This area of planning must ensure that the organisation can quickly switch over to an environment that is uninfected by the ransomware.
Ransomware arrives via a variety of methods including unsafe websites and web ads, but phishing emails are still the number one delivery method. Phishing emails are far trickier to identify than their poorly phrased and more obvious predecessors. They frequently pose as a trusted source, such as a bank or IT vendor, using downloaded logos and convincing claims. Educating users, and encouraging them to check with IT when in doubt, will immediately reduce risk.
Getting Professional Help
IT security is a specialist area, and given the sophistication of modern attacks, it is something to discuss regularly with your IT partner. A well-managed IT environment, with updates always applied immediately, is the best prevention. 90% of those surveyed by Datto said that businesses with a managed business continuity solution in place were up and running within 24 hours, and able to focus on repairing any customer impact quickly. Avoiding negative headlines and maintaining the reputation you’ve worked hard for is possible – but it won’t happen by chance.
Time to secure your business reputation against the impact of ransomware? Contact the Mangano IT business continuity experts today.