Ransomware: What is it and How do You Prevent it?
Years ago, cybersecurity attackers used ransomware to swindle companies out of a couple of hundred dollars in losses. Today, attackers demand upward of hundreds of thousands of dollars during a cyber breach.
Because of higher demands, a cybersecurity breach can be detrimental to a small business. In fact, according to the National Cyber Security Alliance, 60% of small businesses that are targets of a cyberattack close within six months.
Let’s discuss ransomware: what is it and how can you prevent it?
What is Ransomware?
Ransomware is a type of malware (malicious software) that blocks a computer system by encrypting it.
These software programs are typically extremely difficult and/or expensive to remove once placed. Most often, cyber attackers will demand a hefty, often increasing fee, for owners to reaccess the encrypted files and data; blackmailing business owners into paying the ransom.
Additionally, attackers may threaten to publish or leak personal information from the computer they’ve overtaken.
Small Businesses and Ransomware
Small businesses have become an increasingly common target amongst cyber attackers. 42% of small businesses have experienced a cyberattack within the past year and 53% have experienced multiple data breaches.
Let’s take a look at what other businesses cyber attackers target.
What Businesses or Industries are Targets of Ransomware?
The most common—but by no means the only—targets of cyber attackers include the following industries:
- Business, professional, or legal services
- Central government
- Energy and utility infrastructure
- Local government
- Financial services
However, it’s important to note that any device connected to the internet is a potential ransomware target.
Personal computers were once the main choice of attackers, but now attackers focus on businesses. Why? Because businesses are willing to pay more to retrieve their data.
How Does Ransomware Work?
The two most common forms of ransomware are screen lockers and encryptors. Let’s discuss each in a bit more detail.
Screen lockers simply “lock” the screen of a device and state that the system is encrypted. This locked screen blocks owners from using their systems completely
As the name suggests, encryptors encrypt data in a system. This means owners can’t access the data without a decryption key that must be purchased from the attacker.
Encryptors can also contain a screen locker with the details of which cryptocurrency to purchase to retrieve data.
Should You Pay the Ransom?
According to the FBI, no. Why? In the past, some victims of cyber breaches have paid the ransom and then:
- Do not regain access to their data
- Do not receive a response or key to their encrypted data
- Or, give their money to attackers who have no way of decrypting the data themselves
How to Prevent Ransomware
Although no measures can eliminate the risk of a cyber attack, some defenses can significantly reduce the chance that attackers will be successful.
Being Careful Online
Users should be cautious and conscientious online, especially when downloading applications or clicking links in emails. Users can also:
- Maintain updated operating systems, software, and applications
- Utilize anti-virus software and anti-malware solutions that will automatically update and run regular scans of your system
- Regularly back-up data in your computer system
- Double-check that the back-ups are completed successfully
- Have a plan in case the business experiences a cyber attack
- Train employees on cyber security, including information about phishing emails and not opening malicious attachments
- Filter content
- Quarantine suspicious emails
Using Cyber Insurance to Protect Your Business
Cyber insurance is a must for anyone depending on a digital infrastructure to run their business. These coverage policies help to protect businesses against the financial devastation associated with a cyber attack.
Let’s talk more about cyber insurance below.
What Does Cyber Insurance Cover?
Coverage varies depending on the policy. However, cyber insurance generally covers:
- Fines, legal fees, and penalties
- Credit and fraud monitoring services
- Finding and addressing the security defect
- Notifying customers of a data breach
- Restoring the personal identities of affected customers
- Recovering compromised data
- Repairing damaged computer systems
For more information, review our commercial insurance policies.
What Happens to My Business If I Don’t Have Cyber Insurance?
A ransomware attack on a business without cyber insurance can result in the loss of hundreds of thousands of dollars between:
- Various legal fees and fines
- Recovery of compromised data
- Damaged computer systems, and
- Other necessary costs
The average small business pays $690,000 to recover from a cyber-attack. Middle-market companies can pay upward of $1 million. Is it worth the fate of your business?
Consider APEX to Protect Your Business
Apex Risk & Insurance Services was specifically founded to fill the service and consultative gap left by agency consolidations in the insurance marketplace. These consolidations have left customers who are used to a boutique service approach with no personal connection to their team.Apex brings the high-touch service proposition back to the San Diego business community, and beyond. Get in touch today; then, read on to learn more about underinsured homeowners and inflation.