L&T Blog

Ransomware on the Rise: How Businesses Can Protect Themselves

December 4, 2019

With nearly every business relying on computer and digital systems to operate, the potential for them to become targets or victims of ransomware attacks has exponentially increased in recent years.

What is Ransomware

Ransomware is a type of malware or virus that prevents users and organizations from accessing their computer systems and files until they pay a sum of money. It’s a high-tech hostage situation that has become more prevalent, particularly in the healthcare sector and among municipalities and local governments.

How it Works

The most common way attackers gain access to a system is through a phishing attempt. Hackers may send innocent-looking emails in hopes that an unsuspecting employee will click a link or open an attached file. Once a system is infected, all files will be encrypted, and users will be locked out of their computers. Attackers will then demand a ransom, usually in the form of bitcoin or some other digital currency, in exchange for a decryption code to regain access to the files.

Attacks Can Be Costly

Such attacks are on the rise — increasing 97% in the past two years, according to phishing prevention firm Cofense — and can be costly to victims:

·        Ransomware prevention firm Coveware found that businesses experience 9.6 days of downtime on average per ransomware attack.

·        The average ransom payment has risen to $36,295, according to Coveware.

·        The average cost of a ransomware attack on businesses is $133,000, according to security software maker Sophos.

·        In total, such attacks cost businesses $75 billion annually, according to Datto, a cybersecurity firm.

·        A Michigan medical clinic had patient and service records hacked in March 2019. Owners declined to pay a $6,500 ransom and hackers deleted all the patient files in retaliation.

·        Two cities in Florida paid $600,000 and $460,000, respectively, to unfreeze hacked systems.

Ransomware Prevention Tips

Here are some steps businesses should take to protect themselves from falling victim to ransomware attacks.

·        Don’t click/download unfamiliar links/email attachments: If you don’t know the sender, don’t download the attachment or click on any links in the email body. If you are unsure, contact the sender and ask for verification.

·        Back up data: Be sure to create regular backups of your organization’s data on a separate server that does not remain connected to the main system. This is important because any computer, drive or server connected to the network will become infected if a ransomware attack is successful. Some cloud storage providers also allow you to revert to older versions of files.

·        Keep all software up to date: From operating systems to security software, be sure to keep everything on your system updated. Each new software update includes new security patches that make it harder for hackers to exploit potential vulnerabilities and gain access.

·        Train employees: Phishing attempts are the most common method hackers use to spread ransomware, so training employees to spot these attempts is vital. Numerous firms offer training that will equip your company’s workers with the know-how to refrain from clicking on that unknown link or email.

·        Cybersecurity insurance: As we’ve seen, ransomware attacks can be costly to impacted companies. That’s why, like all other business risks, it is important to manage that risk through some form of cybersecurity insurance.

How to Respond to Ransomware Attacks

Prevention is one thing, but if your business already has fallen victim to a ransomware attack, here are the steps you should take:

·        Isolate affected computers: If a computer has been hit by a ransomware attack, disconnect it from the network and internet as quickly as possible. If you’re able to do this, it will minimize the spread of the ransomware to other parts of the system.

·        Don’t pay the ransom: This is exactly what the hackers want you to do, so don’t do it. If you do, there are no guarantees the attackers will return your data. Also, paying the ransom just encourages these types of attacks to continue.

·        Ransomware removal: Seek out a professional ransomware removal or cybersecurity firm to begin the ransomware removal process. Better yet, if you have cybersecurity or cyber liability coverage, contact your provider to begin the process.

Ransomware has proven lucrative for attackers and hackers — meaning they will continue to target businesses and organizations to extract maximum profit. Cybersecurity experts agree that their attempts and methods will continue to become more sophisticated and aggressive. Therefore, it is imperative for businesses to be proactive and diligent in securing their systems and training their people to spot potential ransomware risks.

Learn more about our business insurance and how your organization can protect itself from potential cyberattacks.