Business Daily Media

Defending against ransomware – it’s a matter of when, not if

  • Written by James Bergl, Regional VP, ANZ at Datto


Ransomware is the single biggest cyberthreat facing businesses today. Being attacked by cybercrooks using ransomware is a matter of when, not if. So, if you’re going to come under attack, what are some preventative measures you can take to ensure that your business will continue as usual?

Datto’s recent Annual Global State of the Channel Ransomware Report surveyed 1000 managed service providers (MSPs) around the world on what they’re seeing when it comes to this malicious software and the criminals behind it.

The report makes for sobering reading, with around 70 per cent of MSPs reporting that ransomware is the most common malware threat to small and medium sized businesses.

Ransomware is a particularly insidious form of attack, as crooks will use techniques like phishing (sending legitimate-looking emails that encourage an unsuspecting user to open them and click on a link that downloads malware), to get access to a computer and from there to the business network.

Once the criminals have access to the network, they do two things. The first is that they extract precious business data – known as exfiltrating – and upload it somewhere they can access it later. Then they encrypt all the data on the network, making it impossible for the business to keep running.

Once they’ve done those things, they issue demands: pay up or we will release your data to the world, and if you don’t pay, your data will stay encrypted.

The cost of ransomware

The costs associated with a ransomware attack are dramatic. Sixty-two percent of businesses hit by ransomware report experiencing lost productivity. Thirty-nine per cent say that they undergo business-threatening downtime, while 28 per cent report lost data and 24 per cent decreased profitability.

However, it’s the downtime that’s associated with a ransomware attack that is the real killer. Although ransoms haven’t gone up much over the last couple of years, and average around $4,400 in Asia-Pacific, the costs associated with the downtime that a business will experience until it can deal with the attack are constantly rising. Our research found that the average downtime cost for a business in Asia-Pacific is just over a quarter of a million dollars, a figure that has risen 94 per cent since 2019.

Small and medium sized businesses aren’t the only ones being attacked. Ninety-five per cent of managed service providers also report they are coming under fire from ransomware, and 84 per cent of those surveyed said they were very concerned about the threat.

Contrast this to the MSP’s clients, of which only 30 per cent are concerned about being hit with a ransomware attack.

The causes of ransomware and how to defend against it

The single biggest defence an MSP or SMB has against being hit by ransomware is having a business continuity and disaster recovery (BCDR) solution. Ninety-one per cent of MSPs reported that clients who have this type of defence are less likely to experience significant downtime during a ransomware attack.

Business continuity and disaster recovery is a broad set of tools, from backup and recovery through to endpoint protection that allows a business to quickly bounce back if it is hit by a ransomware attack. BCDR means being able to get the organisation up and running quickly again, minimising downtime, and reducing the need to pay a ransom to the cybercrooks.

The leading cause of a ransomware infestation is from phishing emails, followed by poor user practices, a lack of cyber security training and weak passwords.

That’s why, along with BCDR, the best defence against these nasty attacks is to ensure that the business has prepared their staff to be the frontline of the defence strategy. MSPs and SMBs must provide regular and mandatory cybersecurity training to give staff the ability to spot and avoid potential attacks.

With ransomware being the number one cyber threat facing business, having a solid BCDR strategy is absolutely vital. But along with that comes the need to train staff to spot attacks before they happen – this means giving them the knowledge to see a phishing email for what it is, along with practicing good cyber hygiene with strong passwords and good access management.

While it’s likely that most businesses will get hit by ransomware, being prepared is the best way to bounce back, and avoid the crippling costs of these attacks.

9 Ways To Get The Most Out Of Your Staff

Whatever the sector, research continually proves there’s a direct link between staff productivity and company profitability. There’s no denying that...

Business Training

5 Steps for Creating Effective Solutions to UX Problems

One of the most important components of any website or app is the design of the user experience (UX). Even the smallest UX issues need to be ident...

Business Training

Power BI Examples Reports

In this article we will be looking at some Power BI Examples Reports. These reports are great for learning how to use Power BI effectively. In this...

Business Training

How to Improve Marketing Strategy Using Surveys

Every business owner knows how important marketing is. However, there are more than a few ways to go about forming your marketing strategies. Many m...

Business Training

The Ultimate Choice for Modern Kitchens

Benchtop is the chandelier of the kitchen. It is one of those pieces that is of utmost central attention. It should be aesthetically very pleasing...

Property

Is Bark.com a scam

On 14 August 2024 we received an email from Bark.com. Foolishly one of our team members thought that it was genuine and from a local Australian busine...

Business Training