Ransomware attacks are on the rise and are making national and global news headlines and for good cause. In 2020, there was a 150% increase in attacks and a 300% increase in the amount of ransom paid. This increase does not appear to be slowing down either. To date, the amount of ransomware attacks in 2021 has surpassed all of last year. What is contributing to this increase?

While there are several factors that have contributed to the increase, one main reason was the immediate shift to remote work during 2020. Almost overnight, many businesses went 100% remote without a cybersecurity plan in place. Workers were utilizing their personal computers and laptops and logging on from home on unsecured VPN networks rather than connecting at the office through a secure network. Cybercriminals were able to exploit security weaknesses at both large and small businesses.

Do you know your risk for a ransomware attack at your business? Let’s take a look at how ransomware attacks have changed, who is at risk for an attack, and ways to reduce your risk.

When you think of a ransomware attack, you may think of a lone person sitting in a dark basement hacking into a company’s network trying to gain access to sensitive information. The hacker gains access to the company through phishing emails and once in the network, deploys malware that encrypts servers and sensitive company data. While this methodology still occurs, the entire process has evolved, is more organized, and is a massive, profitable business.

While there are still ‘lone wolves’ executing ransomware attacks, most data breaches occur at the hands of a group of sophisticated, strategic cybercriminals. These organizations, usually located in eastern Europe, are extraordinarily adept at infiltrating a company’s servers and planting ransomware. They extract as much sensitive company information as possible in order to demand ransom payments.

Another factor in the increase of ransomware attacks is ransomware-as-a-service (RaaS). Think of RaaS as a franchise model for ransomware attacks. Large-scale, organized groups of cyber criminals, such as DarkSide and REvil, franchise their capabilities such as encryption tools, communications, and ransom collections to independent hackers in exchange for a percentage of the collected ransom. This model has allowed ransomware attacks to be outsourced across the globe.

Ransomware is a profitable business and ransom demands have escalated over the last two years. It’s no surprise that attackers are targeting large organizations who are likely to pay a ransom rather than have their business frozen for more than a day or two. Several different industries have been targeted recently including healthcare and critical infrastructure. The highly visible Colonial Pipeline attack crippled the company and the fuel supply chain on the East coast.

While large-scale ransomware attacks have made the news, there are many more that do not make national headlines. Small organizations are also at risk for an attack, especially by bots programmed to use a ‘shotgun approach’ at ransomware. These bots will scan thousands of company websites looking for email addresses, social media profiles, and any other personal data to use in a cyber attack.

Ransomware attacks are hitting close to home in Central Pennsylvania. Last year, the Duncannon borough in Perry County paid tens of thousands of dollars to hackers who held municipal data hostage. Although service was uninterrupted, the borough’s e-files, data, and emails were encrypted, and backup systems were compromised.

The bottom line – almost any organization is at risk for a ransomware attack. If you are a business owner, how do you reduce your risk for a cyber attack?

The best way to reduce your risk of a ransomware attack is to prepare for one. When you go through the process of preparing for a cyber attack, you will identify potential vulnerabilities and be able to address them prior to an attack.

Here are some key ways to prevent ransomware:

• Create an incident response plan: A cybersecurity incident response plan helps companies prepare for, detect, respond to, and recover from cybersecurity incidents. The plan should address issues like malware detection, data theft, and service outages.
• Invest in cybersecurity insurance: Cyber insurance is designed to mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage. It generally covers your business’ liability and helps in recovering compromised data. If you do not have cybersecurity insurance, your IT department, legal department, or your managed IT services provider can help you procure insurance.
• Set up a secure texting channel: One of the first casualties of a cyber attack is internal communication via email. To ensure senior leadership can communicate without access to email, set up a secure texting app.
• Use multifactor authentication (MFA): MFA is an electronic authentication process where a user is granted access to a website or application only after successfully providing two or more pieces of evidence to an authentication mechanism. MFA processes reduce the risk of ransomware since it creates an additional barrier to access of data.
• Provide regular cybersecurity training: Most network weaknesses and cyber attacks are caused by human error. Regular cybersecurity training can drastically reduce the risk of an attack.
• Consult with a cybersecurity company: Cybercriminals have years of training and prep to be able to be successful at what they do and one of the best ways to stay ahead of an attack is to work with a company that specializes in cybersecurity. A reputable company will help you put a plan in place to reduce your risk of an attack as well as continuously monitor your network for suspicious activity.

While no company is 100% protected from becoming a victim of ransomware, you can reduce your risk by taking proactive steps and be prepared if an attack happens.

Everound specializes in cybersecurity best practices for small businesses to large enterprises. Our team of cybersecurity experts can help you create an incident response plan, help procure cybersecurity insurance, and implement data protection strategies and programs to keep your information and network safe.

Reach out today to start a conversation about cybersecurity for your business. We can provide a free cybersecurity risk assessment and recommend next steps to protect your data. We focus on your IT, so you can focus on your business.