The first half of 2021 saw 304.7 million ransomware attacks worldwide.
To put that into perspective, in the same period in 2020, there were a total of 121.4 million ransomware attacks across the globe.
Why have ransomware attacks more than doubled in the last year?
This is predominantly because companies are more than willing to pay a ransom to get their valuable data back.
But also because many businesses, particularly small businesses, are failing to adhere to basic cybersecurity rules.
What is ransomware, and what effect can it have on your business?
Ransomware is a type of malware that employs encryption to hold a victim’s information or data at ransom. If you become a victim of a ransomware attack, you will be unable to access your critical data as it will have been encrypted. The hacker in question will then demand a ransom in return for access.
Ransomware is often designed to spread across a whole network and to target database and file servers. This means that your entire organisation can become paralysed in a matter of moments.
Typically, once your files become encrypted, you will be given between 24-48 hours to pay the ransom, or your files will be deleted forever.
What are the most common methods of ransomware infection?
There are many different types of ransomware, with some cybercriminals using email spam campaigns and others targeted attacks.
As ransomware attacks have become more widespread, cybercriminals have discovered new ways to gain access to your data. These include:
- The use of malware kits that can be used to create new malware samples on demand.
- The use of new techniques such as encrypting an entire disk rather than just a few selected files.
- The use of known good generic interpreters to create cross-platform ransomware.
How to defend your business against ransomware
While the thought of becoming victim to ransomware can be scary, there are several precautions that you can take to avoid ransomware and mitigate any damage if you are attacked:
- Back up your data. The simplest way to avoid the threat of having no access to your data is to ensure you always have backup copies of your files. Ideally, this should be stored in the cloud or on an external hard drive.
- Secure your backups. You need to make sure that your backup data is not accessible for deletion. Ransomware will search for data backups, so you need to ensure your systems do not allow access to your backup files.
- Be vigilant when online. Educate your employees on how to practice safe surfing. Do not respond to emails from people you do not know and only download applications from reputable sources.
- Avoid public Wi-Fi networks. Many public networks are not secure, so you should avoid using these. Instead, install a VPN that provides you with a secure internet connection when on the go.
Train your employees. Provide your employees with cybersecurity awareness training so that they are informed about how to avoid phishing scams and other social engineering attacks.