Ransomware attacks are still common and costly for small and midsized businesses. Discover how cybercriminals usually deliver these attacks and how to defend against them.
Ransomware continues to pose a significant threat to small and mid-sized businesses. Managed Service Providers (MSPs) reported that at least one of their clients experienced a ransomware attack in the first half of 2018. Although the average ransom was only $4,300, the attacks cost the businesses an average of $46,800 due to the downtime they caused.
How the Attacks Were Delivered
Ransomware can be delivered to small and mid-sized businesses in many ways. The MSPs reported that the top three delivery methods were:
- Phishing emails. Cybercriminals often send phishing emails to employees at small and mid-sized businesses to spread ransomware. These emails use a convincing pretense to lure recipients into clicking a link or opening an attachment. All it takes is one employee to fall for the ruse to initiate a ransomware attack.
- Malicious websites or ads. To deliver ransomware, hackers build malicious websites or post malicious ads (aka malvertising) on legitimate sites. If employees visit one of these sites, code is installed on their computers without their knowledge. The code then kicks off a series of events that can ultimately lead to a company-wide ransomware infection.
- Clickbait. Web pages often include clickbait — text links (“You won’t believe …”) and thumbnail image links designed to entice people to follow a link to web content on another web page. While clickbait is typically used to increase page views and generate ad revenue, cybercriminals sometimes use it to send people to malicious websites that spread ransomware.
Because all three delivery methods depend on someone performing an action (e.g., clicking a link), it is important for small and mid-sized businesses to teach employees about the hidden dangers associated with seemingly innocuous actions.
Key Elements to Cover When Educating Employees about Ransomware
While each company will want to customize its ransomware training program to meet its unique needs, it is a good idea to cover the basics:
- Let employees know what ransomware is and the methods cybercriminals commonly use to spread it (e.g., phishing emails, clickbait).
- Discuss the elements commonly found in phishing emails, such as generic greetings, spoofed email addresses, and messages that try to create a sense of urgency (i.e., act now or pay the consequences). If employees know about these common elements, they will be better able to spot any phishing emails that make it through email filters.
- Warn employees about the dangers of clicking links and opening attachments in emails, especially if they are from unknown senders.
- Show employees real-world examples of clickbait and let them know the dangers that might be lurking if they are enticed into clicking the links.
- Stress the importance of avoiding any web content flagged as a potential security threat by web browsers or security software, as it might contain malvertising or other malicious code.
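The phishing indicators in the list above (generic greetings, spoofed or mismatched sender addresses, urgency language, and mail from senders the business does not recognise) can also be checked mechanically before a message reaches an employee. The script below is an added example written for this article, not code from the original post or from any MSP product; the phrase lists, the known-domain set, the threshold and the two sample messages are constructed assumptions for illustration.

```python
"""Heuristic phishing-indicator check over raw e-mail text.

Added example for this article, not code from the original post. The phrase
lists, the known-domain set, the sample messages and the threshold are
constructed assumptions for illustration, not a vendor's rules.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed lists: greetings that address nobody in particular, and phrases
# that push the reader to act before thinking.
GENERIC_GREETINGS = ("dear customer", "dear user", "dear valued customer",
                     "dear account holder", "dear sir/madam")
URGENCY_PHRASES = ("act now", "immediately", "within 24 hours",
                   "will be suspended", "final notice", "urgent")
# Constructed: domains the business recognises as its own or its partners'.
KNOWN_DOMAINS = frozenset({"corp.example"})


def _domain(addr):
    """Return the lower-cased domain part of an address, or '' if none."""
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""


def _plain_body(msg):
    """Collect text/plain content; multipart messages are walked part by part."""
    if not msg.is_multipart():
        return msg.get_payload()
    return "\n".join(part.get_payload() for part in msg.walk()
                     if part.get_content_type() == "text/plain")


def phishing_indicators(raw_message, known_domains=KNOWN_DOMAINS):
    """Return the list of indicators found in one RFC 822 style message."""
    msg = message_from_string(raw_message)
    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(from_addr)
    found = []

    # Spoofed or mismatched sender: the display name shows one address while
    # the real address belongs to another domain, or replies are steered to
    # a third domain.
    claimed = re.findall(r"@([\w.-]+\.\w+)", display_name)
    if any(d.lower() != from_domain for d in claimed):
        found.append("display name shows a different address")
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and _domain(reply_addr) != from_domain:
        found.append("reply-to domain differs from sender domain")

    # Unknown sender: links and attachments from senders the business does
    # not recognise deserve extra scrutiny.
    if from_domain not in known_domains:
        found.append("sender domain not recognised")

    body = _plain_body(msg).lower().strip()
    if any(body.startswith(g) for g in GENERIC_GREETINGS):
        found.append("generic greeting")
    hits = [p for p in URGENCY_PHRASES if p in body]
    if hits:
        found.append("urgency language: " + ", ".join(hits))
    return found


def is_suspicious(raw_message, known_domains=KNOWN_DOMAINS, threshold=2):
    """Treat a message with at least `threshold` indicators as suspicious."""
    return len(phishing_indicators(raw_message, known_domains)) >= threshold


# Constructed sample messages (addresses use reserved example/test domains).
PHISH = """\
From: "helpdesk@corp.example" <alerts@mail-verify.test>
Reply-To: recover@account-recovery.test
Subject: Password expires today

Dear User,

Your mailbox will be suspended within 24 hours unless you act now.
"""

LEGIT = """\
From: Dana Reyes <dana.reyes@corp.example>
Subject: Q3 planning notes

Hi Sam,

Attached are the notes from this morning's planning session. No action needed
before Thursday.
"""

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(label, is_suspicious(raw), phishing_indicators(raw))
```

The checks are deliberately simple string heuristics so that each flagged indicator maps back to a point employees were trained on; in practice they complement, rather than replace, the mail filter mentioned in the training list, and the threshold and phrase lists would be tuned to the business's own mail.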
Other Measures to Take
Businesses need to take other measures as well, such as regularly updating their computers’ software so known vulnerabilities are patched. Equally important, they need to make sure they have restorable backups of their data in case a ransomware attack occurs.
We can make sure that your business has covered all the bases so that it will be protected from ransomware and other types of cyber attacks. For more information on our security and protection services, contact us by phone at 212-475-7000 or by completing a quick contact form.