When you hear the word “ransom” what do you think of?
If you're like me, you flashback to any of a dozen movie scenes. There's a worried spouse holding a ransom note. Surrounded by police, the phone call comes in. Immediately, the trace attempt begins and the worried husband tries to keep the kidnappers on the line, but to no avail. The kidnappers want their million dollars by noon tomorrow or the wife will never be seen again.
Then, depending on the movie, cue the slapstick comedy (Ruthless People, The Big Lebowski) or the taut action movie (Ransom).
While entertaining in a movie, ransoms also happen in real life
Today, when security professionals hear “ransom,” they immediately think of ransomware. Instead of never seeing your spouse again though, it's your information these criminals kidnap.
Ransomware is malware that encrypts and locks you out of your data. Phishing emails or visits to an infected website are how most businesses are infected. Once ransomware gains access to your data, you have to pay – usually through a digital service like bitcoin – to regain control of your data.
If you delete the malware, you delete your information.
Once infected, there are two choices – lose your information or pay the ransom. Fortunately, there's a well-known business best practice to protect yourself: data backup.
Ransomware Threat Keeps Growing
A business falls victim to a ransomware attack ever 40 seconds. By 2019, ransomware attacks on business will happen every 14 seconds. Damage from those ransomware attacks is predicted to reach $11.5 billion by 2019 (Cybersecurity Ventures).
It's a trend that's not going away. Malwarebytes research indicates that about 60% of malware payloads in the first quarter of 2017 contained ransomware.
The FBI estimates that over $5 billion in ransom was paid in 2017 (though it's probably more because the crime is under-reported).
Ransomware = Easy Money
Cybercriminals like easy money, which is why they like ransomware. You can even be a lazy cybercriminal and buy a ransomware kit off of the dark web (it exists). That's right, there's ransomware-as-a-service.
In 2016, 64% of U.S. Businesses paid ransom “requests.” The average ransom is $1,077 per attack in 2016, up from $264 in 2015 (from the Symantec 2017 Internet Security Threat Report).
Note that relatively small average size of the ransom. While the size of ransoms have increased as cybercriminals have shifted from individuals to business, they're going after smaller businesses. While the rewards are more lucrative from larger companies, it's simply easier for low-skill hackers to target companies more likely to have weaker network security in place.
Think about your critical business documents. What would you do if you suddenly couldn't access them and received a ransom note for $2,000?
One of the best protections from susceptibility to ransomware is also a business best practice – backup your data.
A good backup strategy will mean your data is backed up at regular intervals (and not on network drives, which are easily accessible to ransomware once the virus gets into your system).
Depending on your business, there will be a balancing act between cost and security. More frequent backups will cost more, but limit data loss. Less frequent backups expose you to more lost data.
Regardless, when you have a good data backup solution in place, you can wad that ransom note up and throw it away. Restore your data from backup and you'll be back in business quickly, with minimal disruption.
While you may lose a day's worth of new data or an hour (depending on the frequency of your backups), you'll always be able to restore your data so you won't be held up for ransom.
Kill two birds with one stone, invest in data backup – even if you're never attacked by a ransomware virus, data backup will allow you to maintain access to your critical business information in the case of disaster or employee mistake that deletes information accidentally.