Small businesses are increasingly targeted by ransomware gangs, says a report by ransomware recovery specialists Coveware.
Released on February 3, the report looks in detail at ransomware attacks that took place during all four quarters of 2021. The findings reiterate the need for businesses to have reputable – and, crucially, up to date – antivirus software installed.
The study also concluded that the threat of discovery, exacerbated by high-profile takedowns of ransomware gangs widely covered in the media, was chipping away at the population of hackers and scammers prepared to risk jail time for a reward.
Ransomware is a Major Threat to Smaller Businesses
It’s typically large companies that make the headlines when it comes to ransomware attacks – more data is usually on the line, the ransoms are larger and there’s often a regulator waiting in the wings to issue a fine for poor data practices.
According to a report by ransomware recovery specialists Coveware, a “tactical shift” has been introduced by many ransomware gangs, which includes a “deliberate attempt to extort companies that are large enough to pay a ‘big game’ ransom amount but small enough to keep attack operating costs and resulting media and Law Enforcement attention low.”
“You can hit the jackpot once, but provoke such a geopolitical conflict that you will be quickly found. It is better to quietly receive stable small sums from mid-sized companies…” – LockBit 2.0 ransomware gang member.
Indeed, the report notes that 82% of attacks that took place in 2021 impacted organizations with less than one thousand employees. The graph below illustrates, companies with 11 to 100 employees make up a significant proportion of the overall victims:
What Else did the Report Find Out?
One interesting conclusion the report draws is that dramatic, highly publicized law enforcement takedowns of ransomware groups and the very real threat of jail time have shrunk the demographic of individuals willing to carry out such attacks.
Another finding that all businesses should be aware of is the steadily increasing percentage of ransomware attacks that exploit some sort of software vulnerability:
However, the main way in for ransomware gangs is still RDP compromise – which involves obtaining a password for a system administrator or user – so it's vital that all employees are using password managers to ensure their login credentials are as secure as possible.
Coveware also looked at the different types of professions suffering ransomware attacks. In Quarter 3, for instance, 12.8% of attacks were aimed at consumer services companies, whilst professional services accounted for 20.4% of all targeted victims. 10.2% of attacks in the same quarter were aimed at the public sector.
Preparing yourself for Malware and Ransomware
Nowadays, businesses operating in all four corners of the economy have to be prepared for ransomware and malware attacks. But US businesses need to be especially vigilant – around one-quarter of all global ransomware attacks target US businesses and individuals.
Some key tips for surviving ransomware attacks include ensuring, through training, that employees can identify what a phishing email looks like, and securely backing up all the data you hold. Email content and filtering scanning are also recommended.
Useful cyber security tenets like the principle of least privilege – that all employees must only have access to the data they need to do their jobs, and no more – should be implemented across all businesses.
Other useful tools that can help bolster your defenses include antivirus software, which needs to be kept up to date at all times. If the attacker is using a form of malware to try and subsume control of your computer and hold you to ransom, a reputable antivirus program will be your best bet in terms of detecting and flushing out that malware.