It seems like every day we hear another story about new cyber risks. Hacked accounts, exposed personal information and stolen intellectual property are some of the common issues that make headlines. However, one of the most serious threats to businesses today is something many people are unfamiliar with – ransomware.
Ransomware incidents in Canada are increasing at an alarming rate. In 2015, Canadians were affected by an average of 1,600 ransomware attacks a day. By September 2016, the number of attacks nearly doubled, and it has only increased since then.[i] These numbers only reflect the known cases as many incidents still go unreported, so the actual number is likely much higher.
So, what is ransomware?
Ransomware is malicious software that infects a computer and denies access to the system or data, demanding a sum of money to restore the information. Victims often receive an onscreen alert stating their files have been encrypted or a similar message, depending on the type of ransomware. Attackers often request payment in bitcoin, an online cryptocurrency that is difficult for police to trace.
Typically, ransomware is spread through activities like visiting fake or unsafe websites, opening emails or email attachments from unknown sources, and clicking on suspicious links in emails or on social media. Every operating system – including the one on your mobile phone – is at risk for ransomware. Popular cloud-based services, like Google Cloud, Dropbox, and Office 365, can also be affected.
Many small business owners assume that only large organizations are affected by ransomware attacks; however, businesses of all sizes have become targets. The cost to businesses for ransomware goes beyond just the cost of the ransom to unlock your systems – business interruption, reputational damage and IT costs can all add up in a ransomware attack. In Canada, an estimated 4% of small to medium-sized businesses fell victim to ransomware in 2017, at a cost of over $5 million.[ii]
Some operating systems provide instructions for responding to lock-screen ransomware, although results aren’t guaranteed. In contrast, encryption ransomware has no quick fix without an encryption key, which is known only to the hackers.
Thirty-two percent of small to medium-sized businesses pay the ransom once their files are compromised. Of those who pay the ransom, 13% still never recover their data.[iii] Regardless of the type of ransomware, experts recommend against paying – doing so could encourage further cybercrime and expose you to future attacks.
How to Protect Your Business
The best method of prevention is to back up important and confidential information in a remote location. Backups are essential for security against ransomware.
In addition to backing up your files, the following prevention measures can help keep your information secure and prevent you from becoming a victim of cyber attacks:
- Teach your employees about ransomware and the importance of preventing it.
- Instruct employees never to click on links or open attachments in emails sent by a party they do not know.
- Show your employees how to detect suspicious emails and attachments. For example, tell them to watch for bad spelling or unusual symbols in email addresses.
- Develop a process for reporting incidents of ransomware and other suspicious cyber activity.
- Schedule regular backups for sensitive business files.
- Update your company software as soon as new updates are released. In doing so, you can patch the security vulnerabilities that cybercriminals rely on, and avoid becoming an easy target.
- Create an incident response plan for ransomware and other cyber attacks, as a part of your Business Continuity Plan and Disaster Response Plan.
The Importance of Risk Management
As organizations get attacked in new and more complex ways, you need to rethink what security measures you have in place to manage the risk. If there is exposure or risk, it can be transferred to your insurance through a cyber liability policy. Making the right partnerships with IT service providers and insurance professionals can help you understand where your potential issues are, create your response plans, and ensure that you have the right insurance coverage in place to help you recover quickly from a ransomware attack.