Ransomware is a complicated issue and continues to be an increasingly dangerous threat for businesses in 2021. With national powerhouses like Cox Media, Colonial Pipeline, and JBS all target in 2021, it's clear that the threat from hacking groups isn't going away - but that's just one side of the story. For small businesses, Datto reports that nearly 70% of MSPs report that ransomware is the most common malware threat. Unfortunately, only 30% of small business MSPs clients are very concerned.
- 92% of MSPs predict ransomware attacks will either continue or get worse.
- 78%of MSPs report attacks against small business clients over the last two years.
- The average ransom in 2020 was $5,600, but the average cost of downtime was $274,200 - a 94% YOY increase.
As ransomware attacks have continued to rise, The White House has released a statement to urge businesses of every size to take precautions, build their defenses, and prepare for an increasingly dangerous wave of ransomware attacks. With more attacks come increased defenses, but with increased defenses have come more complicated and dangerous ransomware attacks.
How does a ransomware attack work?
Traditional Ransomware Attacks
This is the most basic answer to the question "What is a ransomware attack?" Once they've tapped into a network and are accessing its data, hackers encrypt the most valuable data for a company that is critical to daily operations and often customer security. They then contact the company, demanding a ransom in return for a key that can decrypt the data. Even if a ransom is paid decryption keys can often take hours, days, or weeks to fully decrypt the data - a situation that could spell disaster for small businesses.
Double Extortion Ransomware Attacks
These attacks take the threat of ransomware a step further, with hackers adding an additional threat to leak the stolen data to the public. This can put company secrets and customer data at risk, raising the stakes even higher.
Triple Extortion Ransomware Attacks
This type of attack is the worst-case scenario. Not only are the majority of company operations at a standstill, but the data of the targeted company, its business partners, and its clients are all at risk. With so much data at risk of being released to the public - and to other online hacker groups - companies like JBS are pressured to act quickly and, ultimately, may choose to pay the ransom rather than rebuild their database and network... if it can be rebuilt at all.
How does a hacker access my data?
There are many different tactics that cybercriminals can take when attempting to hack into the personal data of a single person or an entire company (these two approaches often go hand-in-hand.) Datto's Global State of the Channel Ransomware Report shares that phishing attacks are the leading cause of ransomware attacks, causing 54% of attacks, while poor user practices/gullibility and lack of cybersecurity training rounded out the top three.
A phishing attack is a type of social engineering attack, creating a realistic-looking email, text, or social media message that is actually mimicking the real deal and fooling victims into clicking on links or sharing personal or confidential information. Once received, a single click on an unassuming hyperlink or casually sharing information can immediately provide hackers access to your data, putting your entire network at risk.
If you're wondering how to protect yourself against ransomware attacks, you're not alone. Following The White House guidelines is a good start towards improving and solidifying your cybersecurity defenses against ransomware.
Even for companies with an internal IT team, partnering with an MSP helps add an entire team of technology pros to your team at a fraction of the cost. With ample experience in cloud storage solutions, proactive IT management, cybersecurity, and more, choosing an MSP that is a good fit for your business helps protect your network and its data today while preparing your business for tomorrow.