Ransomware Explained

If you’re a small-to-medium-sized business (SMB), you might think that you’re beneath the notice of major cybercriminals. But you’d be wrong. Smaller companies are cybercriminals’ most desirable targets. They’re less likely to take cybersecurity precautions, probably won’t be able to break through the ransomware themselves, and can usually cough up enough to pay the ransom.

With the threat of ransomware growing, it’s important to understand it.

What Is Ransomware?

Ransomware is a type of malware. Once it infects your systems, it locks your files, data, and computer systems and doesn’t allow you entry. It will also present you with an ultimatum: pay a ransom to the cybercriminals who created the ransomware or never get access to your data again.

In this type of attack, the malware is typically spread by a Trojan pretending to be a legitimate file or email attachment. However, this is not always the case. WannaCry, which caused $4 billion in losses, moved between computers on its own.

Once a machine is infected, its data is encrypted and it displays a message demanding the payment of a ransom. Cybercriminals will ask for cryptocurrencies because they are difficult to trace. The amount might not be very high. In fact, the makers of WannaCry were only asking for $300 if the ransom was paid in three days and $600 in seven. Of course, that adds up when multiplied over the thousands of companies and organisations impacted.

Most ransomware also deletes data after a set amount of time. In the case of WannaCry, this was seven days.

How Does Ransomware Threaten SMBs?

When a business’s computer system is hit with ransomware, it goes down and no digital work is possible until the ransomware is gone, either because the ransom is paid or because machines are wiped and backups restored.

Of course, that may not happen. If backups aren’t up to date, businesses will lose data. And sometimes paying the ransom won’t save data. According to some reports, 33% of firms that pay the ransom still don’t get their data back.

And here’s a really important thing to remember: 60% of small businesses go out of business within six months of a cyberattack or data breach.

What Precautions Can You Take Against Ransomware?

The main precaution you can take against ransomware is to have an off-site backup for your data. That way, if you get hit, you can wipe everything and reinstall.

Next, it’s important to invest in IT security. Even if you’re a small business without a big tech component to your business—say, you run a coffee shop or you’re a boutique PR agency—it’s worthwhile to consult a third-party IT provider. They can help you set up some basic precautions. And if you do get hit with ransomware, or any other type of malware, they can help.

Finally, employee training is important. Lots of ransomware, and malware in general, is downloaded by unwitting employees.

The Bottom Line

If your business uses devices attached to the internet, it’s time to have a plan in case you get hit with ransomware. Make a plan now, or regret it later.