How Much Ransom Would You Pay for Your Online Information?
Information security has become one of the gravest threats facing organizations, consumers and government entities in the past decade. Now that virtually all companies have embraced the era of digitization, hackers and malicious parties are relevant risks in every industry and region of the country.
Consider the following statistics:
- The 2016 Ponemon cost of data breach report found that the average financial loss companies experience for each event hit $4 million in 2015, which was higher than the $3.8 million recorded one year earlier.
- The Identity Theft Resource Center, which aggregates instances of data loss and theft, counted 1,093 data breaches among organizations in 2016, the highest figure ever.
- Small Business Trends, an online publication, explains that 43% of all cyberattacks counted in 2015 were aimed at small businesses. This share represented more than double the frequency of 18% recorded in 2011.
Many small businesses would not be able to foot the bill of a major data breach. What’s more, they need to take significant and intelligent measures to protect themselves against cyber risks.
Let’s focus on one of the threats that has become a hacker’s favorite tool: ransomware.
What is ransomware?
Ransomware is a type of malware ─the term used to describe malicious software ─ that infects a device and essentially makes files and data inaccessible to the owner. An individual who experiences this attack will often try to turn on a mobile phone or open an app but will not be able to. Then, the victim will get a message that demands a ransom be sent to a certain account to unlock the files.
Ransomware presents a range of problems to businesses. In April 2016, the U.S. Federal Bureau of Investigation explained that it saw a substantial increase in the number of ransomware attacks on businesses compared to the year prior.
“Paying a ransom doesn’t guarantee an organization that it will get its data back — we’ve seen cases where organizations never got a decryption key after having paid the ransom,” James Trainor, FBI Cyber Division assistant director, said. “Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity.
Finally, by paying a ransom an organization might inadvertently be funding other illicit activity associated with criminals.”
As is the case with all types of cybersecurity matters, the best defense is to be proactive. That means businesses must work to prevent a ransomware attack from ever occurring.
How can businesses protect themselves?
There is no sure-fire way to bring the cyber threat down to zero. But a strong and intelligent plan can reduce risk. For ransomware, small-business owners should consider taking the following measures:
- TechRepublic, a technology publication, recommends using RansomFree, a type of security software that specifically protects systems from ransomware attacks. The news provider tested it out and found that it protected a computer from several ransomware attacks.
- Have a disaster recovery plan in place. If you store your sensitive data in two places and one is attacked by ransomware, you will still have access to the files so long as both are not infected.
- Make sure your employees understand the best practices of information security, specifically in terms of downloading software on corporate devices, to avoid malware infections such as ransomware.
By taking a proactive approach to mitigating ransomware attacks, small businesses can keep their data and finances safer.