man looking at computer screen in a dark room
We’re working in a world where technology, workplaces, and behaviors are rapidly evolving. And while this has greatly improved many aspects of business, there are also certain unwanted consequences.
One major example is an increased exposure to ransomware. Traditional perimeter-based defenses are struggling to keep up with modern-day practices. There are more openings than ever for attackers to breach your network, and they’ve got SMBs firmly in their sights and there is no 100% prevention today.
In this article we’ll discuss the challenges SMBs are up against, and what they can do to overcome them.

What is a ransomware attack?

When an attacker successfully breaches an SMB’s defenses, the likelihood of an attack has increased to 715% over the last year. Cybercriminals infiltrate your systems and use ransomware to encrypt your files so you can no longer access them. They then hold this data to ransom, demanding payment for its release. This is somewhat of a ‘sweet spot’, as an SMB might see it as easier to just pay, rather than involve authorities or risk customers and competitors learning of the issue.
The average days of downtime due to ransomware outbreaks in Q2 2020 alone was 16 days. This could end up costing you a lot of money. The most damaging, disruptive and by far the costliest cyber threat that can hit you is ransomware, and it is imperative to stop any outbreak as quickly as possible. If you don’t, the only two options are to pay the ransom or go through the expensive process of restoring and rebuilding your IT environment.

Why are SMB’s being targeted?

Ransomware attackers see SMBs as an ideal target because they have for a long time believed their current endpoint and perimeter security to be strong enough. It is very likely they’ll have less sophisticated defenses compared to larger corporations, while still having the capital to be worth the risk.
And it’s unlikely that an SMB will have a dedicated cybersecurity policy in place, or specialist IT or Data Protection experts on their staff. While due to the relatively small financial amounts at stake, institutions like the police probably won’t get involved.
There’s also a lot of potential targets out there; it’s a world of opportunity for those with the means and know how to exploit it.

Should you just pay up?

It’s a big dilemma to be faced with. Pay, and you might avoid disruption to your services and productivity, as well as any legal difficulties if the attacks gained access to your customer’s personal data. But this will encourage and fund future attacks which ultimately entices the attacks to keep attacking, and even when you have paid there is no guarantee the attackers will even return your data. Continuing to pay only perpetuates the problem for everyone.
And there are trends to suggest that refusal is the way forward. Last year, 97% of US and 78% of German businesses refused to pay, while 75% of Canadian and 58% of UK Companies coughed up – it’s the American/German stance that’s leading to fewer ransomware attacks. Here are a few FAQs about ransomware that you may find handy.

Look to your defenses

Where once our IT managers only had to concern themselves with securing centralized locations, with servers, staff and hardware all situated under one roof, they must now consider how to proactively protect your people across multiple locations and devices with improved cyber resilience across the business. The dilemma can be avoided altogether if you look for a proactive solution. And the first step is to evaluate your defenses using an IT health check assessment.
Most SMB’s are currently protected by a traditional wall of defenses: often a combination of firewall, email scanners, web filtering solutions and endpoint security agents. But in modern business, this is no longer enough to keep your business safe as these attacks can penetrate traditional defenses by encrypting around 6,000 – 8,000 files per minute. Learn about various tactics you can use to prevent ransomware as a small business.
Additionally, employees often access the business network from multiple locations on multiple devices – all of which are outside the wall. Educate your people on what to look out for – such as suspicious phishing emails and malware – and on what to do if a cyber-attack does take place. It is then a great idea to follow up these sessions with regular reminders to keep your people on their guard.

Take the fight to ransomware attackers

It’s not a matter of if, but when any given organization will be hit by a ransomware attack. Which leaves two options:
1. Continue as you are with your current defenses, and deal with the consequences of the attack infiltrating your systems, either paying the ransom and hope your data will be returned or go through a very costly and disruptive rebuild or restoration of your file
2. Take the fight to ransomware attackers by introducing a new cybersecurity solution. One which responds instantly to an attack when everything else in your perimeter defense has failed SMBs need to use a layered approach to protect against emerging cyber threats. This is something that should be driven by your IT teams – but are they equipped for the task?

Ricoh’s Cyber Security Practice

Working with a collaborative partner is a fantastic way to fortify your business against the risk of cyber-attacks like ransomware. By taking advantage of their experience and expertise you can build cyber resilience and ensure continuity. Ricoh’s Cyber Security Practice provides a revolutionary “Last Line of Defense” to ransomware. It delivers a 24/7 automated containment solution focused on stopping a ransomware outbreak as soon as encryption starts.
If you are motivated by this and other ransomware statistics presented here, IT leaders have shifted most of their attention to cybersecurity. Watch a webinar, “Addressing the Threat of Ransomware”, hosted by our partner, Fortinet, to learn about some of the most effective tools to counter ransomware attacks.
Our IT Security Solutions keep your teams secure, connected, and productive so you’re ready to thrive – not just survive – in today’s marketplace.  Learn more about how we’re helping organizations protect their IT today, while planning for tomorrow at