Why ransomware attacks are on the rise

The seemingly overnight shift to remote work in 2020 has led to a dramatic increase in cyberattacks, the Harvard Business Review reports. While all types of cyberattacks were up in 2020, ransomware spiked 150% over the previous year. And the amount victims of these attacks paid increased more than 300%.

In fact, ransomware attacks have already surpassed one every 14 seconds and are expected to increase to every two seconds by the end of 2031.

Forbes describes ransomware as a way for attackers to “use malicious software to block access to certain data or systems until the owner pays them to unlock it.” How can you protect your small business from becoming a target? And what can you do to recover from a ransomware attack if one does strike? First, let’s look at how and why these attacks have grown.

Recent ransomware attacks

Ransomware attacks continue to populate the news. In April 2021, a single compromised password was enough to take down Colonial Pipeline, the largest fuel pipeline in the U.S., and cause fuel shortages across the East Coast. Before it was over, Colonial would pay the hackers a $4.4 million ransom.

And then there came the $11 million ransom JBS Foods paid to cybercriminals who took out plants that process roughly one-fifth of the country’s meat supply.

That same week, a ransomware attack on the Massachusetts Steamship Authority upended operations, forcing ferry services to slow.

How ransomware attacks have changed

Ransomware attacks have not only become much more frequent, but they are also more sophisticated and costly than in years past.

There are well organized criminal organizations working to deploy malware, such as the Russia-linked cybercrime group known as DarkSide that was affiliated with the Colonial breach. These organizations do their research, finding the most sensitive company information possible and even targeting backup systems. Harvard Business Review writes, “They understand the company’s financial picture, the industry in which it operates, and how to exploit the company to maximum effect.”

This sophistication has led Cybersecurity Ventures to predict that global ransomware damage costs, expected to reach $20 billion in 2021, will exceed $265 billion by 2031. One such method is Ransomware 2.0, in which an attacker steals the data before encrypting it. Then, if the victim refuses to pay for decrypting, the attacker can shift gears and threaten to leak the data to competitors or publicly release sensitive information in an act known as “extortionware.”

Attackers on the dark web typically demand ransom in the form of cryptocurrency.

The impact of cryptocurrencies on cyberattacks

Until the last couple years, most cybercrimes still occurred on a small scale — think individual credit cards or bank account numbers — explains NPR.

However, cryptocurrency transactions like Bitcoin (which JBS Foods used to pay its $11 million ransom) are pseudo-anonymous. This means that criminals, especially abroad, now have the power to receive huge sums of money from companies, hospitals and city governments in a nearly untraceable way.

Given all of this, how can small businesses protect themselves?

How to protect your business from a ransomware attack

Although headlines focus on the extortion of tens of millions of dollars from large companies, threats against small businesses also continue to rise.

Small businesses are vulnerable because they simply don't have the resources that large corporations do, and cybercriminals know it. Established companies can afford the best protections and dedicated staff to ensure that systems and data are safe. However, this level of preparation can prove to be out of reach for a small business — especially one already struggling to keep its doors open.

But there are steps you can take to prepare against hackers, including:

• Educating employees on the proper protocol when opening attachments, clicking on links, or sending sensitive information 
• Using strong passwords for different accounts; the Small Business Association recommends at least 10 characters, one uppercase letter, one lowercase letter, one number and one special character 
• Working with your banks or card processors to ensure you’re using the most trusted and validated tools and anti-fraud services 
• Performing background checks on employees, especially those that will have access to sensitive information 
• Backing up data using best practices, which includes storing a back-up copy separate from the network, so that systems can be restored without the need to pay the ransom for the encryption key 
• Ensuring your computers, servers, and other electronics are secure with the right firewalls and virus protection programs 
• Keeping all hardware and software up-to-date by installing all security patches from your software providers 
• Protecting your business with security solutions and cyber liability insurance

How to recover from ransomware attack

If you are attacked, there are steps you can take to recover. Forbes recommends the following:

1. Record the details of the ransom note that appears on the screen 
2. Disconnect the affected computer from the network to prevent the ransomware from spreading across your network and finding your backups 
3. Consider engaging a firm that specializes in ransomware recovery 
4. Do a complete wipe and restore once your systems are back up and running 
5. Run an anti-malware package after you restore the drive from your backup

Although ransomware threats may weigh heavy, the right resources and a detailed cybersecurity plan can help you protect your small business from cybersecurity threats — and continue to thrive.