The year 2020  saw a huge increase in ransomware attacks with ransom payments estimated to total nearly $350 million. Small and Medium Businesses (SMBs) continue to receive a rising percentage of attacks, as already seen in 2019.Two out of five SMB’s have fallen victim to a ransomware attack.

Q2 2020 saw a 47% increase in ransom demands. The average ransom demand to a SMB increased to over $338,000.

Need to know as an SMB

–          Smaller businesses are particularly vulnerable to ransomware

Small businesses often don’t have large IT teams or cybersecurity specialists dedicated to endpoint protection. Many small and medium size business owners believe that they are not of interest to hackers as larger companies would be much more lucrative targets, but actually this could not be further from the truth. The rise of Ransomware-As-A-Service malware purchased on the darkweb makes it easy and worthwhile to target companies of any size.

Any sensitive data obtained by an attack,  including client contacts, private health information, banking details and business data can be used for extortion by a hacker. With a limited budget, a mix of often unmanaged personal and business devices, SMB’s are particularly vulnerable to ransomware attacks.

–          The origin and ease of ransomware attacks

The rise of cryptocurrency and ransomware-as-a-service has made attacks all but impossible to trace back to the creator of the malware. The threat actor using the ransomware and making the demands is rarely the creator. Ransom payments demanded in the form of cryptocurrency are untraceable.  The ability of the threat actor to stay anonymous and purchase malware cheaply, creates an incentive for the threat actor to  make multiple entry attempts, looking to exploit any vulnerability. Employees working from home on often unmanaged devices, coupled with lack of experience and knowledge of what to look out for creates yet more vulnerabilities for hackers to exploit.

Protect your assets: Good advice that isn’t good enough

–     Backups: It’s always good to have a recovery backup by creating a copy of your data in case of deletion or file corruption. Be aware that files can be lost (accidental deletion) or damaged during the transfer and that ransomware often targets the backup files too.   

–     Password lockers: Two-factor authentication to enter a vault holding your most complex password combinations that prevents keyloggers sounds safe and for the most part it is but, it isn’t flawless. LastPass was infamously called out for a flaw that potentially allowed malicious sites to gain access to last entered user details from the browser extension.

–     Anti-Virus software: Software installed to do exactly that; prevent attacks from viruses and other malware through detection and removal. With the capability to protect against all known malware… but what about unknown threats?

Size and skill not required

It’s a fallacy to think that complete protection against ransomware requires a large, dedicated team of cybersecurity experts. Smaller businesses with minimal IT staff can still be fully protected against threats if they employ the right tools.

Because known strains of malware are always evolving and getting more sophisticated, and more evasive, it’s not enough to install anti-virus protection that works on a strategy of “detect and defend.”  Proper protection needs to be able to prevent ransomware strains that haven’t been identified yet.

It’s important to remember the unfair fact, that small organizations with limited teams and lower budgets have to protect themselves from the same attacks that occur in large organizations that have teams of experts and large budgets. The reality is that 80% of organizations don’t have the resources to assemble this kind of anti-ransomware swat team. But threat actors don’t seek out only the big and well-founded organizations. Even small losses can do permanent damage to small organizations and businesses.

Get it done with Minerva

With Minerva’s Remote User Protection, even unmanaged devices can be used to safely connect to the business network when working from home. Activated when a remote connection is initiated, Minerva’s Remote User Protection runs seamlessly in the background of a session. An investigation takes place for each new process that is launched and if a malicious program is detected, the connection is automatically severed.

Minerva’s Anti-Evasion Platform offers full protection, thwarting malware before it can infect the endpoint, even against strains of malware that haven’t been identified yet.. With this unique capability to protect against unknown threats, Minerva’s Ransomware Protection blocks evasive malware hidden in documents, applications and fileless programs from gaining a foothold. Contact us to learn more and see Minerva Labs award winning protection in action.