In our last blog, we discussed ransomware in all its forms, how it works and how it's adapting and becoming more sophisticated. Today we'll look, more specifically, at what the threat of ransomware means to Irish businesses and why you should understand that this is a real and present threat to your business, no matter how small or large.
Many viruses and hacks are designed to cause mayhem and make political statements rather than generate revenue. Cyber criminals operating in the ransomware arena are different. We mentioned before that Ransomware as a Service was a key driver in the growth of this scourge, and the increasing number of cyber criminals is testament to the fact that ordinary, computer-illiterate criminals can become cyber criminals as easily as they can open a Spotify account. These criminals have no moral regard for the consequences of their actions and operate purely to generate profit from their activities. So who do they target?
Who are the targets?
Early on in the game, cyber criminals attacked home users. This was for many reasons, including the sheer volume of users, poor cyber protection, ignorance etc. However, a ransomware attack on a home user is akin to a failed hard drive. Very often, the most critical pieces of data lost are personal photos, notes etc. Many of these can be retrieved from social media, emails etc., and therefore the cost of recovery often makes the user disinclined to pay for expensive data recovery or, in this case, a costly ransom.
So the cyber criminals generally target businesses, because this is where the money is. Loss of data or access, even for a few hours, can be detrimental to a business in both cash and reputation. The chance that personal data may have been stolen due to neglect of IT systems can be costly, embarrassing and even terminal in some cases.
The problem for the criminal is that the big boys know this and are increasing their spend and focus on cyber security in all its facets to protect against such attacks. (We'll discuss prevention in our next blog.) Indeed, the SEC (Securities and Exchange Commission) in the US has made IT security a board-level reporting function for all publicly quoted companies, so serious is the threat to the investment community. So, the soft underbelly of the business world is, yes, you guessed it, the SME.
SMEs, by their nature, are unlikely to have dedicated resources in IT roles. Oftentimes, the IT is outsourced on a cost-effective basis to managed services companies who specialise in networking, integration etc. However, they may not be security specialists. Whilst many will do a reasonable job at installation, the passage of time combined with loose work practices can undermine the efforts of even well-intentioned, professional providers.
The big threat is the human factor. Small businesses are often ill-prepared to deal with cyber attacks, and the proliferation of BYOD (Bring Your Own Device) models in the workplace means that, even if the business is secure internally, the weakest link is connectivity in the home, coffee shop etc.
What will an attack mean for my business?
If you fall victim to an attack, the consequences can be far-ranging depending on your business model. If your systems are cloud-based, you may be able to continue using different computers and segmented applications to those attacked. If, however, like most businesses, you hold critical data locally with no micro-segmentation, then you may face serious disruption depending on your defences, backup and availability systems etc. In any event, falling foul of an attack will cause considerable disruption even if your business can be restored from backups. Commercially, you may also be exposed to significant penalties under GDPR, so the real solution for ransomware is prevention.
In our next blog, we'll look at industry best practices and give you our 10-Step Guide entitled:
Relax - It's Only Ransomware!