Ransomware attacks against businesses and incidents that compromise their e-mail systems are on the rise again. They are threatening organizations of all sizes — and may target yours.
Small businesses are quite vulnerable to these types of attacks, as the cyber criminals know that they typically have less sophisticated networks and protection. Accenture reported that nearly 43% of cyber attacks are on small businesses, yet only 14% of these firms are prepared for attacks.
Consider that a cyber attack on a small business can range from minor (less than $1,000) to enormous (more than $650,000), it’s important that your firm put in place safeguards to avoid having operations hampered or private data exposed by hackers.
The cost of cyber attacks is substantial:
- The average ransom demand is $5.3 million and the average payment is $100,000.
- 40% of the attackers’ victims are in the U.S.
- Verizon report said half of all business e-mail compromise thefts cost more than $50,000.
- 19% of data breaches start inside organizations – either accidentally or deliberately.
Attack Methods Keep Changing
Here are the new threats that employers must contend with:
- Encryptionless extortion attacks — These differ from traditional ransomware attacks, in which the criminals seize control of systems and refuse to release them until they receive ransom payments. In an encryptionless attack, they steal an organization’s data and hold it for ransom.
- Pretexting attacks — Also known as “social engineering,” in these attacks someone poses as a person known to an employee within the targeted organization. They know enough information to appear convincing.
They request that the recipient perform a routine transaction, such as changing a bank account number for a vendor. The new bank account belongs to the attacker, not the vendor, and the money is gone before the truth is discovered.
You can thwart the criminals..
Educate your employees — Regularly update your people . The more your employees know about cyber attacks and how to protect your data, the safer your business will be. Send out regular reminders not to open attachments or click on links in e-mails from people they don’t know or expect.
Implement safe-password practices — Have employees use complicated passwords and change them regularly every 60 to 90 days.
Using security platforms and protocols — This includes installing web application firewalls and using secure payment gateways if you accept credit cards online. Your website hosting company should regularly patch security vulnerabilities, and you should ensure that all computers have antivirus software installed.
Backing up yourl data – REGULARLY— That includes databases, financial files, human resources files, and accounts receivable and payable files
Cyber insurance
Even with protections in place, you still can suffer an attack. If it’s a ransomware attack, your systems may be unusable until the ransom is paid.
Fortunately, cyber insurance can help pay for the associated costs, including:
- Recovering or replacing lost or stolen data
- Investigating the incident
- Notifying regulators and customers of a breach
- Income lost due to a breach
- Extortion payments
- Legal damages
- Lawsuit and regulatory action defense
- Fines, fees or penalties (coverage not available in all states)
- Crisis and public relations management.
Call us .. The Cyber Marketplace Is open and active. Let us show you whats available and how affordable they are.