Business Daily Media

The Times Real Estate

.

Defending against ransomware – it’s a matter of when, not if

  • Written by James Bergl, Regional VP, ANZ at Datto


Ransomware is the single biggest cyberthreat facing businesses today. Being attacked by cybercrooks using ransomware is a matter of when, not if. So, if you’re going to come under attack, what are some preventative measures you can take to ensure that your business will continue as usual?

Datto’s recent Annual Global State of the Channel Ransomware Report surveyed 1000 managed service providers (MSPs) around the world on what they’re seeing when it comes to this malicious software and the criminals behind it.

The report makes for sobering reading, with around 70 per cent of MSPs reporting that ransomware is the most common malware threat to small and medium sized businesses.

Ransomware is a particularly insidious form of attack, as crooks will use techniques like phishing (sending legitimate-looking emails that encourage an unsuspecting user to open them and click on a link that downloads malware), to get access to a computer and from there to the business network.

Once the criminals have access to the network, they do two things. The first is that they extract precious business data – known as exfiltrating – and upload it somewhere they can access it later. Then they encrypt all the data on the network, making it impossible for the business to keep running.

Once they’ve done those things, they issue demands: pay up or we will release your data to the world, and if you don’t pay, your data will stay encrypted.

The cost of ransomware

The costs associated with a ransomware attack are dramatic. Sixty-two percent of businesses hit by ransomware report experiencing lost productivity. Thirty-nine per cent say that they undergo business-threatening downtime, while 28 per cent report lost data and 24 per cent decreased profitability.

However, it’s the downtime that’s associated with a ransomware attack that is the real killer. Although ransoms haven’t gone up much over the last couple of years, and average around $4,400 in Asia-Pacific, the costs associated with the downtime that a business will experience until it can deal with the attack are constantly rising. Our research found that the average downtime cost for a business in Asia-Pacific is just over a quarter of a million dollars, a figure that has risen 94 per cent since 2019.

Small and medium sized businesses aren’t the only ones being attacked. Ninety-five per cent of managed service providers also report they are coming under fire from ransomware, and 84 per cent of those surveyed said they were very concerned about the threat.

Contrast this to the MSP’s clients, of which only 30 per cent are concerned about being hit with a ransomware attack.

The causes of ransomware and how to defend against it

The single biggest defence an MSP or SMB has against being hit by ransomware is having a business continuity and disaster recovery (BCDR) solution. Ninety-one per cent of MSPs reported that clients who have this type of defence are less likely to experience significant downtime during a ransomware attack.

Business continuity and disaster recovery is a broad set of tools, from backup and recovery through to endpoint protection that allows a business to quickly bounce back if it is hit by a ransomware attack. BCDR means being able to get the organisation up and running quickly again, minimising downtime, and reducing the need to pay a ransom to the cybercrooks.

The leading cause of a ransomware infestation is from phishing emails, followed by poor user practices, a lack of cyber security training and weak passwords.

That’s why, along with BCDR, the best defence against these nasty attacks is to ensure that the business has prepared their staff to be the frontline of the defence strategy. MSPs and SMBs must provide regular and mandatory cybersecurity training to give staff the ability to spot and avoid potential attacks.

With ransomware being the number one cyber threat facing business, having a solid BCDR strategy is absolutely vital. But along with that comes the need to train staff to spot attacks before they happen – this means giving them the knowledge to see a phishing email for what it is, along with practicing good cyber hygiene with strong passwords and good access management.

While it’s likely that most businesses will get hit by ransomware, being prepared is the best way to bounce back, and avoid the crippling costs of these attacks.

Five signs that AI is growing faster than the internet did

What do Aussie businesses need to do to keep up? There has been mounting chatter that AI is growing even faster than the rapid acceleration we sa...

Protecting Your Small Business from Cyber Threats This Holiday Season

The holiday season brings a surge of online activity for small and medium businesses (SMBs), with increased sales and customer inquiries offering ...

Essential SEO Strategies: Boosting Your Real Estate Business

In recent years, it is said that more and more people are searching for properties online than those who visit real estate companies in person. For ...

Every Business Needs to Apply a Concrete Strategy

Do you want your website to rank higher in the top results of the Google search engine? Then hire the excellent SEO Services in Australia for your n...

Navigating Cyber Fraud After a Natural Disaster

As Australia enters another long, hot and potentially destructive summer, businesses and residents are preparing for the natural disasters synonym...

8seats messaging startup aims to transform business communication

The new platform brings an innovative approach to unite office-based and desk-less teams 8seats, a next-generation messaging platform for busine...

Sell by LayBy