Ransomware: a big threat for small businesses

By: Catherine Brennan 

You log in to work one day and discover your business’s most critical files are inaccessible – they’ve been taken hostage. Cybercriminals have infiltrated your network, and if you don’t pay up, they’ll either destroy the files or release them on the dark web.  

Ransomware is a very real threat to Canadian businesses. According to the Canadian Centre for Cyber Security, in the first six months of 2021, over 65 percent of Canadian victims were small and medium-sized organizations.  

How Ransomware Works 

As a business manager, you’re likely already familiar with the concept of ransomware and the devastating impact it can have on organizations of any size.  

Typically picked up when someone clicks a malicious link or downloads an attachment in a phishing email, ransomware will spread through a user’s device in a matter of seconds, making its way through the network to locate sensitive or business-critical information. 

Once its target is reached, the cybercriminal locks everything down and demands ransom. The average ransom payment in 2021 was $200,000 CAD. However, when you consider adding the cost of downtime and recovery on top of this, it can end up costing businesses an average $2.3M CAD.

The Supply Chain: it’s not always about you 

Cybercriminals target small and mid-sized businesses for two primary reasons: they tend to have weaker security, and they can provide access to more lucrative targets – their clients. Sophisticated ransomware operations will sometimes attack companies’ supply chain vendors, exploiting their access to the target company’s systems and information.   

In July 2021, close to 1,500 companies worldwide were affected by a ransomware attack on remote management platform Kaseya; cybercriminals used Kaseya to get to several of their MSP clients, paralyzing them and their own customer base. Experts estimate more than 1,000 businesses were affected. 

With the global rise of supply chain attacks, more companies are requiring comprehensive security audits of all their third-party vendors.  If your organization’s cyber security isn’t up to their standards, you could lose out on business. 

Take Ransomware Protection to the Next Level 

Since the onset of the pandemic, cyberattacks have increased by 600%. Organizations with remote or hybrid workforces are at a higher risk of cyberattacks since IT management becomes more complex when employees and devices are distributed for remote work.  

Endpoint Protection 

Secure endpoint security is critical for preventing the initial breech, particularly with a remote or hybrid workforce. Device security, best practice management and employee training are all essential for protecting your front line.  However, you can’t rely on endpoint security alone. 

Detection and Containment 

If a worker’s device becomes compromised, your organization requires immediate containment to mitigate further damage.  

When a laptop or tablet is infected by ransomware, it begins to rapidly encrypt files on the device, spreading to other devices on the network, seeking paths into your centralized systems and data. 

Ransomware is insidious, entering your network stealthily and taking its time, learning your systems, searching through files, and even monitoring employee communications. Like a sophisticated bank heist, cybercriminals take the time to gather information to ensure a swift, effective blow. In fact, a 2020 IBM study showed that the average time for an organization to even detect a breach is 207 days, and often not until it’s too late and ransom has been demanded.  

Stop Ransomware in its Tracks 

Ensure your organization is protected from ransomware and other cyber threats with enterprise-level security that doesn’t break the budget.  

RansomCare, powered by BullWall is a cloud-based, scalable solution that detects ransomware encryption and stops it in its tracks – even when the malware has bypassed all your endpoint protection and other security tools.  

Multi-alerting services ensure that your IT team is immediately aware and equipped to respond. It is a vital element of your overall defense strategy, providing critical security defense for a small portion of your available security budget. 

Evolve your security, reduce risk of loss, and rest easy knowing that your organization and your clients are fully protected.  Book a free demo to learn more about ransomware containment and isolation.