A quarter of Asia-Pacific IT service providers say their clients have been victims of ransomware attacks. How can you make sure your business is protected by Nop Srinara, Sales Director Asia, Datto Inc
Angler, Cryptolocker and Locky - no, you’ll not find them in Pokemon Go, but you may find them on your computer one day. They’re types of ransomware which is emerging as a major threat to individuals and businesses alike. Ransomware, a type of malware that encrypts data on infected systems, has become a lucrative option for cyber extortionists. When the malware is run, it locks victims’ files and allows criminals to demand payment to release them.
Surveying over 100 IT service providers in Asia-Pacific representing hundreds of thousands of small businesses, a new study by Datto reveals that over one quarter of respondents reported having their clients victimized by ransomware in the past twelve months. And in a clear indication of ransomware’s growth as a major impediment to business, 24 percent of respondents replied that they experienced multiple attacks in a single day, a number experts expect will continue to grow. Ransomware attacks like these can be crippling for businesses and 45 percent of survey respondents mentioned that a ransomware attack led to business-threatening downtime.
Despite ransomware being on the rise, many businesses, particularly SMEs and smaller businesses, are not equipped to tackle them when they happen. According to a recent survey conducted by Trend Micro, close to 50% of APAC businesses surveyed indicated that there was no security awareness program in their organizations. And only 25% of companies are confident that they are fully prepared for cyber attacks, despite close to 50% anticipating a targeted cyber attack in 2016.
Ransomware can be distributed in a variety of ways and this makes it difficult to protect against because, just like the flu virus, it is constantly evolving. Today’s ransom seekers play dirty, so you need to stay one step ahead to be ready to face them head-on.
SMEs and smaller businesses are often more likely to suffer an attack because small business IT teams can be low on resources and can rely on outdated technology due to budgetary constraints. Thankfully, there are tried and tested (and cost-effective) ways to protect your business against ransomware. Security software is essential, however you can’t rely on it alone. A proper ransomware protection strategy requires a three-pronged approach, comprising of education, security and backup.
The Datto study reported that 27% of respondents believed that one of the leading sources of ransomware infection was a lack of cyber security awareness and training. It’s therefore critical that your staff understand what ransomware is and the threats that it poses. Provide your team with specific examples of suspicious emails with clear instructions on what to do if they encounter a potential ransomware lure (i.e. don’t open attachments, if you see something, say something, etc.). Consider conducting formal training on a regular basis to inform staff about the risk of ransomware, new strains of attack and other cyber threats. When new employees join the team, make sure you send them an email to bring them up to date about cyber best practices. It is important to ensure that the message is communicated clearly to everyone in the organization, not passed around on a word of mouth basis.
Antivirus software should be considered essential for any business to protect against ransomware and other risks. Ensure your security software is up to date and keep all business applications patched and updated in order to minimize vulnerabilities. Some antivirus software products offer ransomware-specific functionality that monitors systems to detect malicious activities. If ransomware is detected, the software has the ability to block it and alert users. However, because ransomware is constantly evolving, even the best security software can be breached. This is why a secondary layer of defence is critical for businesses to ensure recovery in case malware strikes: backup.
Modern backup technologies use snapshot images, preferably independent of each other, so as to be recoverable on their own without depending on the previous or next backup in the "incremental chain" which is a reference to the traditional and antiquated backup technologies of the last decade. This independence allows the deletion of the corrupted image from the set of differential images, thereby enabling the customer to recover from the latest recovery point; which could be as recent as five minutes in the past. Furthermore, as these images are stored natively in a virtual format, they can be booted up and configured within minutes, effectively nullifying the ransomware threat.
Cyber extortionists using ransomware are a definite threat to today’s businesses, large and small. However, a little bit of education and the right solutions go a long way. Keep your business safe and give your nerves a break. To sum it all up, knowledge spreading and security software can help you avoid cyber attacks. Patch management is essential. Be certain that your software is up-to-date and secure. And it is that all-important backup that will help you pick up the pieces when all else fails.