As the recent WannaCry attack revealed all too well, ransomware is a pervasive threat faced by countless businesses across the world.
However, as our Second Annual State of Ransomware Report with Osterman Research revealed, this type of cyber-crime appears to be thriving here in the UK due to a willingness by small to medium businesses to pay out when their data is compromised. Of the SMEs we surveyed, 62 per cent of UK businesses said they would consider paying. This is compared to 84 per cent of French businesses which said they wouldn’t.
Given these findings, it’s safe to say hackers may be incited to target British businesses specifically, as it’s more likely their ransom demands will be paid. To make matters worse, compared to other geographies, UK businesses have the least confidence in their ability to fight ransomware: almost 20 per cent of businesses have little or no confidence that they could stop attacks, compared to a global average of 11 per cent.
Far more than just a ransom
The scourge of ransomware does not start and end with data being seized and a ransom demanded. In fact, the time spent trying to get systems back online and the consequent revenue lost can be a source of much company anguish. Our report details that of the businesses affected by ransomware in the UK, many businesses were left stranded for up to 100 hours, completely unable to operate and, in turn, service clients or run products.
Unsurprisingly, this is something that few businesses could afford. Adding insult to injury, British businesses were found to be the worst compared to the rest of the world at identifying the source of ransomware, which may explain why some were left inoperable for so long.
These are issues that should weigh on companies of all sizes, yet SMEs should be particularly alarmed, as cash flow is inevitably going to be more of a concern. A notoriously unpredictable element of running a business, a lack of cash in the bank poses various challenges to companies still in their infancy. Often, this can result in erratic business processes, making it difficult to forecast monthly sales and pre-empt losses.
In the case of a ransomware attack, the cost of downtime can be lethal for an SME, which may not be able to withstand an extended period of ceased trading.
Indeed, in the UK, only three per cent of organisations described their downtime from ransomware infections as ‘minimal’ (lasting up to an hour), with 25 per cent saying that it lasted between one and eight hours. Most alarmingly, however, over 70 per cent reported that downtime lasted for more than nine hours. Concurrently, only 13 per cent of ransom demands in the UK asked for more than $10,000, so it’s reasonable to conclude that downtime proved the costlier consequence of a ransomware attack.
On top of this, shadow IT in the form of Bring-Your-Own-Device (BYOD) is often more prevalent within SMEs, potentially making a company more susceptible to ransomware attacks. This is because the practice often encompasses the use of applications by employees without the knowledge or approval of the technology team. Dangerously, this often means those applications are not in line with a company’s requirements for data management, security, and compliance.
Because of this, something as simple as a phishing scam opened on a personal email account can cause a company’s entire network to be brought down.
SMEs must make protection a priority
In order to adequately protect against ransomware, SMEs must adopt a layered approach to security, employing both an anti-virus for traditional threats and anti-malware for the more advanced. What’s more, all staff members must understand the gravity of the threat posed by outdated software.
Holes in everyday programmes such as Internet Explorer are prime portals through which nefarious hackers can pour ransomware and other malware. For this purpose, anti-exploit software offers an extra layer of security. Lastly, beware of rogue ads; malvertising – whereby certain online ads are infected with malicious code, potentially leading to ransomware – is still rife, and yet it’s still not a threat vector with mainstream understanding. Again, anti-exploit software can help combat this.
Finally, to help bolster defences, it’s worth considering why UK SMEs have so little confidence in their abilities to fight ransomware. For one thing, although it was never firmly established exactly why UK businesses are more likely to pay the ransom, it’s reasonable to assume that the NHS being targeted during the WannaCry attacks conjured more of a fear element compared to the rest of the world.
This partly explains why government and public sector organisations were so extensively targeted in the UK, along with retail businesses. As such, on top of the protective measures, British SMEs must try to avoid being manipulated – after all, the most successful online crime is that which hacks people, and uses their weaknesses against them.