The ransomware problem: Why SMBs are vulnerable to attack

In recent years, ransomware has become a popular method for hackers looking to extort money from small-and-medium-sized businesses (SMBs). The concept of ransomware, however, is not a new one, and has been creating problems for small businesses since 1989 starting with the ‘AIDS Trojan’. Distributed via a floppy disc, the ransomware mimicked a software expiry notice – requiring users to pay a ransom by post so files could be decrypted. This ransomware, however, was considered easily breakable due to an over-reliance on symmetric cryptography, along with a less than perfect distribution method, and passed without significant damage.

[easy-tweet tweet=”In recent years, #ransomware has become a popular method for hackers looking to extort money from SMBs”]

In today’s business landscape, we are witnessing a ransomware gold rush. This has been brought on by a combination of both technological progression, and greater proliferation of readymade ransomware packages available to scammers through the Darknet. SMBs are a prime target for hackers due to the high rate of return of successful scams, alongside the relative ease of infiltration. Also, larger businesses often place greater emphasis on investing in security compared to SMBs, making them a more difficult and time consuming target.

Sitting ducks: why SMBs are least prepared for a cyber-attack

Ransomware is a high-margin scam – especially when it targets smaller, less secure businesses. Contrary to popular belief, this type of scam is neither difficult, nor does it require a large amount of intelligence from the attacker. Another problem businesses are facing is that due to the low cost of producing this type of attack, a ransomware campaign only needs a low conversion rate to be considered a success. In comparison, focussing resources on attacking a single large company can often yield no results.

In a recent survey of UK businesses, however, over one third of those had suffered a ransomware attack, with 31 per cent admitting they would rather pay the ransom instead of losing vital data. The problem with this approach is that there is no guarantee that a business will ever receive the decryption key, due to the command and control server potentially being under investigation from a security vendor or law enforcement. Consequently, an organisation could pay a large sum of money to retrieve its data, and receive nothing in return.

Creating awareness: educating SMBs on the ransomware threat

SMBs are the most lucrative target for ransomware attacks as they usually possess more significant financial resources than standard users, while rarely undertaking the comprehensive security policies of larger companies. Some companies make hackers’ jobs simpler by posting company email addresses online. While this is a minimal risk with modern security solutions and continuous data protection policies, a large number of SMBs do not take advantage of the security available to them.

Bitdefender recommends business users and IT administrators should set up regular offline, off-site backups to critical data to prevent malware from finding the network connected storage, and encrypt this data. Deploying a company-wide security solution is also recommended, as this will help spot malicious payloads landing via drive-by attacks or spear-phishing attempts. IT administrators are also encouraged to set up access control lists and restrict user permissions on endpoints to ensure employees don’t accidentally install suspicious or rogue software.

[easy-tweet tweet=”SMBs are a prime target for hackers due to the high rate of return of successful scams & the relative ease of infiltration”]

We predict 2016 will be the year of ransomware, and that the number of victims will significantly increase across the board. The increased ransomware detections we have observed not only suggest that it has become a highly lucrative business, but also that malware developers will soon begin exploiting new platforms, as seen with Linux. As malware developers broaden their perspectives by targeting operating systems that have a large market share, the chances of infection increase exponentially, making a security solution that can stay abreast of a constantly shifting threat landscape indispensable.

+ posts

Meet Stella


Related articles

The value of colocation data centres in IoT

IoT data processing is increasingly being pushed out to the network edge to get as close as possible to the source sensors and end-users of the resulting data analytics

Strategy and anticipation are key to securing against cyber threats

With technological progress comes increased security risks. Sophisticated and co-ordinated cyber groups are working every day to find potential entry points into organisations’ networks.

Raising talent attraction and retention with IT investment

To be at the centre of talent attraction and retention, businesses should make use of workplace technology that enables them to integrate collaborative, secure and sustainable measures into their operations.

How NIST started the countdown on the long journey to quantum safety

Leading the charge to develop a post-quantum cryptographic standard for organisations is the US government’s National Institute of Standards and Technology (NIST).

Overcoming economic uncertainty with cloud flexibility

Particularly for companies that jumped into the cloud headfirst, taking the time to optimise existing processes is a remarkable way to reduce infrastructure costs and free up OPEX for delivering business value.

Subscribe to our Newsletter