The most important thing to know about ransomware is that it’s not going away.
Criminals will continue to use ransomware to extort money from anyone they can -- business or individual. Every article or piece of research about cybersecurity issues in 2019 named ransomware as one of the top threats for next year.
This is where I remind you that small and medium businesses are targets too (if you’re thinking this is only a challenge for the Fortune 5000) -- 43% of cyberattacks are aimed at small businesses (Small Business Trends).
As we begin to look ahead to 2019, here are a few key things you need to know about ransomware.
The number of attacks is huge and growing. The FBI claims over 4,000 ransomware attacks daily, including businesses and individuals. Cybersecurity Ventures predicts a ransomware attack on businesses every 14 seconds by the end of 2019. It was one attack every 40 seconds in 2016.*
Staffing challenges for cybersecurity positions will continue. We’ve written about the cybersecurity hiring gap before. Ponemon research* shows that 58% of survey respondents think the problem of not having expert cybersecurity staff will get worse. Many trends show a move to AI (artificial intelligence) to supplement security; 48% of respondents think that reliance won’t reduce the need for cybersecurity experts. Many believe this will have real consequences on their cybersecurity posture, as 53% think an inability to hire expert staff could lead to a decline in a company’s cybersecurity posture.
Good news for the hackers. Even as threats grow, only 36% of Ponemon** respondents say that executives see cybersecurity as a strategic priority. This means the majority of companies will continue to give short-shrift to security spending and strategy, basically keeping the door propped open for cybercriminals to walk on in.
Phishing attacks are no phun. Phishing emails are commonly used to deliver a malware package containing ransomware -- 91% of cyberattacks begin with a spear phishing email.*** Kaspersky reports that in 2017 it’s anti-phishing system was triggered 246,231,645 times -- that’s 91 million MORE than 2016. The company expects the 2018 numbers to be higher again. Get tips to protect yourself from phishing attacks here.
The threat posed by ransomware to anyone with a computer (or smartphone) is real.
The first step to protecting yourself is to stop ignoring the fact that cybercriminals don’t care who they target. Even technologically unsophisticated cybercriminals can get in on the ransomware act with ransomware kits available on the Dark Web (yes, it exists). That’s right, for a fee, cybercriminals can outsource their ransomware attacks.
These four facts present special challenges to smaller businesses. Even if you are the rare small business owner interested in investing in security, you probably don’t have the budget to hire cybersecurity experts or have invested in security training to help your employees spot phishing attacks, how to manage passwords, etc.
As the volume of attacks rise, you don’t have to resign yourself to being a victim.
Outsourcing the management of your network will allow a team of experts to monitor and proactively take steps to keep you network secure. A managed network services partner means you no longer need to hire a cybersecurity expert to keep your systems safe and a partner can train your staff. With 365x24x7 monitoring, regardless of attack frequency, your network and data is protected.
The first step to hassle-free security and peace of mind is a network assessment to identify your weaknesses (as well as network bottlenecks and other productivity killers).
* Cybersecurity Ventures
**2018 Study on Global Megatrends in Cybersecurity, Ponemon Institute Research Report