Most recent

How to Protect Your SMB Clients from Ransomware

By Eitan Bremler

No company is too small to be devastated by a ransomware attack. In fact, small and medium-sized businesses (SMBs) are prime targets, and the number--and cost--of such attacks continues to rise.

A 2018 Verizon report found that 61 percent of data breach victims were small businesses. Small companies, medical practices—even law firms, are vulnerable. If you serve SMBs, you need to help them understand and address the risk.

More than 61 percent of SMBs surveyed faced such attacks, compared to 55 percent in 2016, according to Ponemon’s 2017 State of SMB Cybersecurity report. The attacks are also costlier. The average cost related to the damage to or theft of IT assets and infrastructure hit $1 million in 2017, compared to $879,582 the previous year. The average cost related to disruption of operations rose to $1.2 million, compared to $955,429. 

The culprit of all these attacks? Often it is Ransomware. More than half (52 percent) of respondents say their companies have experienced a ransomware attack; in the 2016 survey, it was only 2 percent. Think about that for a moment. More often than not, it’s mostly due to human error. Seventy-nine percent of respondents to the Ponemon survey say the ransomware came through a phishing/social engineering attack. Overall, 48 percent of respondents reported such an attack, making it the most common type of cyberattack for SMBs.

The numbers probably don’t surprise anyone. Phishing has become more sophisticated, fooling even the savviest email users. But that’s not the only vulnerability attributable to human error. Cybercriminals are taking advantage of misconfigured cloud servers, according to a 2018 IBM report. In 2017, there was a 424 percent increase in records breached through misconfigurations in cloud servers. Compounding, or perhaps explaining, human error is one persistent problem: SMBs often underestimate the need for vigilance.

Not Paying Attention

Small businesses often have a false sense of confidence about cybersecurity; they simply do not see themselves as targets. And even if they are targets, they think it won’t matter: Many believe they have nothing of value to an attacker. Of course, that sort of complacency makes them ideal targets.

Ponemon’s 2018 Study on Global Megatrends in Cybersecurity suggests that it’s not only SMBs that have grown complacent. That’s worrying IT professionals. Only 36 percent of respondents (senior IT professionals) indicated that senior leadership considers cybersecurity a strategic priority. Even more concerning, 54 percent believe their organization’s cybersecurity posture will stay the same or decline.

Those that are paying attention are ramping up their antivirus protection. But we all know that conventional ways of fighting such attacks are largely inadequateConventional AV products rely heavily on signature-based databases to identify and block malware. In other words, they can protect against only known threats. What about unknown threats and zero-day attacks? Once ransomware circumvents an AV vendor’s product--and it will--it can silently encrypt files and directories. By the time it’s detected, it’s too late.

Chaos and Havoc

Across businesses of all sizes, more than 2.9 billion records were reported breached in 2017, according to the IBM report. That’s down from 4 billion records in 2016, but it’s not time to celebrate. Do the cybercriminals want your records, or do they want to create chaos?

Chaos and disruption can be just as damaging and costly as breached records. Remember those ransomware attacks that made the headlines last year? WannaCry, NotPetya, Bad Rabbit, etc.-- if you were a victim, you surely do. To say they wreaked havoc is an understatement. We’re beginning to believe that’s the true objective.

Overall, according to IBM’s report, ransomware incidents cost organizations more than $8 billion in 2017 as cybercriminals launched debilitating attacks focused on locking critical data rather than compromising stored records. And as the Ponemon report noted, the cost of disruptions is higher than the cost of damage or theft.

A Better Approach

We understand this. We also understand your customers need a solution beyond merely trying to detect and mitigate the ransomware attack. Cybercriminals today can disguise malware so it doesn’t match most vendors’ virus signatures database. Once the ransomware circumvents the antivirus program, it can silently encrypt files and directories.

Rather than trying to detect and mitigate the ransomware attack, our Safe-T Secure File Access allows organizations to deploy a centralized solution to block ransomware attacks when they try to encrypt the organization’s NTFS data stores.

This means your clients gain the benefits of a complete enterprise file-sync-and-share solution; you have controlled and managed access to your organization’s data. At the same time, it prevents crypto lockers and other ransomware attacks from hitting the organization’s NTFS. You look like a hero, and your customers save time, money and anguish. Learn more about how Safe-T can help you help your customers. 

All posts