Ransomware continues to pose a significant threat to small and midsized businesses, according to a Datto survey of 2,400 managed service providers (MSPs). More than half of the MSPs reported that at least one of their clients experienced a ransomware attack in the first half of 2018. Although the average ransom was only $4,300, the attacks cost the businesses an average of $46,800 due to the downtime they caused.
How the Attacks Were Delivered
The Datto study explored how the ransomware was delivered to the small and midsized businesses. It found that the top three delivery methods were:
- Phishing emails. Cybercriminals often send phishing emails to employees at small and midsized businesses to spread ransomware. These emails use a convincing pretense to lure recipients into clicking a link or opening an attachment. All it takes is one employee to fall for the ruse to initiate a ransomware attack.
- Malicious websites or ads. To deliver ransomware, hackers build malicious websites or post malicious ads (aka malvertising) on legitimate sites. If employees visit one of these sites, code is installed on their computers without their knowledge. The code then kicks off a series of events that can ultimately lead to a companywide ransomware infection.
- Clickbait. Web pages often include clickbait: text links ("You won't believe ...") and thumbnail image links designed to entice people to follow a link to web content on another web page. While clickbait is typically used to increase page views and generate ad revenue, cybercriminals sometimes use it to send people to malicious websites that spread ransomware.
Because all three delivery methods depend on someone performing an action (e.g., clicking a link), it is important for small and midsized businesses to teach employees about the hidden dangers associated with seemingly innocuous actions.
Key Elements to Cover When Educating Employees about Ransomware
While each company will want to customize its ransomware training program to meet its unique needs, it is a good idea to cover the basics:
- Let employees know what ransomware is and the methods cybercriminals commonly use to spread it (e.g., phishing emails, clickbait).
- Discuss the elements commonly found in phishing emails, such as generic greetings, spoofed email addresses, and messages that try to create a sense of urgency (i.e., act now or pay the consequences). If employees know about these common elements, they will be better able to spot any phishing emails that make it through email filters.
- Warn employees about the dangers of clicking links and opening attachments in emails, especially if they are from unknown senders.
- Show employees real-world examples of clickbait and let them know the dangers that might be lurking if they are enticed into clicking the links.
- Stress the importance of avoiding any web content flagged as a potential security threat by web browsers or security software, as it might contain malvertising or other malicious code.
Other Measures to Take
Businesses need to take other measures as well, such as regularly updating their computers' software so known vulnerabilities are patched. Equally important, they need to make sure they have restorable backups of their data in case a ransomware attack occurs.
If you need a security audit or know an area you are lacking, give us a call at 800-421-7151. We can make sure that your business has covered all the bases so that it will be protected from ransomware and other types of cyberattacks.