Why Small businesses?
The majority of SMBs are ill-prepared to counter cyber-threats such as malware attacks, distributed denial of service (DDoS) attacks, and ransomware. This leads to downtimes which leads to losses in terms of revenue and production time lost. While the headlines tend to focus on larger companies such as Marriott or Equifax or government agencies and big educational institutions, it is always a mistake to believe that hackers are only interested in these large multinationals. Such attacks often occur because of a lack of adequate resources, few qualified personnel, and lack of proper training, among other issues.
Although big organizations often tend to be perfectly lucrative prey to attackers due to potential gains in case an attack succeeds, SMBs are often attractive due to a variety of things. First, there is an issue of a lack of resources to defend against the attacks. A report by Ponemon Institute states that SMBs have various issues in tackling cyber-risks, one of them being the shortage of personnel to deal with cyber-risks, vulnerabilities, and attacks. The second biggest problem facing SMBs is the limited budgets. Since ransomware attacks are highly sophisticated, the infrastructure and professionals to handle these issues are needed. This requires budgets that are often limited. Most SMBs also have no clear approach to understanding and tackling ransomware attacks.
What attack vectors do attackers use?
There are many attack vectors that attackers use to perpetrate their ransomware attacks. However, the research by Ponemon points out to the employees as the weakest link that attackers often exploit. The most commonly used attack vectors by the attackers are phishing, mal-advertisements, spoofing, and social engineering. Social engineering and phishing are the two often used methods that take advantage of the employees' lack of knowledge to attack. Attackers send spoofing emails with malware and convince the employees to click on links.
What is the cost of ransomware attacks to SMBs?
The cost of ransomware attacks to SMBs is often high. According to a report by Datto, most of these losses mostly occur in the form of ransom being paid to the attackers. Datto averages the ransom being requested by the threat actors to be something around US$5,900. While money is the main thing being lost, other costs may be in the form of downtime, which Datto approximates cost more than 23 times the cost of ransom that the attackers in 2019 alone. The losses can also emerge from the amount needed to investigate the attacks, contain, and recover. There is also the loss of reputation and trust from the customers. Furthermore, you will face legal problems and probably pay for the information lost.
How can this be countered?
No one method can be used to counter ransomware attacks. Instead, you have to use a variety of approaches. The best way to fight these attacks is by training employees, updating your operating systems and having a business continuity plan, and backing up essential data to ensure that not everything is lost in case of a successful attack. Also, reduce the attack surface by disabling unnecessary networked devices and software. Lastly, have a multilayered security solution to protect your organization against different attacks.