Cyber-criminals are now targeting Small and medium business enterprises to extort fees. Ransomware, a kind of malware that, usually, limits user to gain access to their file on the machine. Some of the malware, also known as crypto ransomware can lock very important files on the system and ask for ransom (fee) for the decryption key.
Small Businesses are slowly becoming the major target of these attacks. The reason is simple- the SMBs lack the sophisticated defense against these attacks. A report by Intel suggests that about 80% of SMBs don’t deploy any data protection or email security tools. Ransomware attacks can have a major impact on business continuity, productivity, reputation and much more, and dealing with one is not only time-consuming; it can be extremely costly. SMBs need to be fully aware of the threat posed by ransomware and make strengthening their IT defenses a top priority this year.
The cybercriminals usually set the price so low that when you consider the stress and economic implication of the attack to your business, you would just want to pay and get it over with. Usually, the ransom demanded is less than $1,000. Crypto currencies, especially Bitcoins, are their preferred payment method as it is very difficult to trace. Their other alternative payment methods include Amazon gift cards and iTunes. One more interesting thing to take note of is this: payment of the ransom fee does not in any way guarantee that these cybercriminals will send you the decryption key required to unlock your system or the infected files. That’s simply the power of blackmails.
Best Practices-
To stay safe from ransomware, SMBs are strongly encouraged to:
- Use an endpoint security solution
- Patch or update all endpoint software and webservers
- Deploy a backup solution
- Disable files from running in locations such as “AppData/LocalAppData” and deploy policies that restrict users from executing malware
- Limit users from accessing mapped network drives
- Protect email servers with content filtering solutions
- Educate employees on identifying spear-phishing emails and other social engineering techniques.
Logix Infosecurity helps your organization deploy best tools to keep your company safe on the internet. Especially for SMBs where the deployment needs to be done keeping the cost in mind, our solutions provide good ROI. With the WannaCry and other recent ransomware attacks in India, the time is right for SMBs to consider solutions for cyber security.