Looking for Something Specific?
Search the Blog Archives.
Huge Ransomware Demands From Small Businesses on the Rise
Cyberattacks may not be natural disasters, but they hit their targets in a similar, non-discriminatory fashion. Many small businesses — including small and medium healthcare organizations — are under the false impression that just because they aren’t a Fortune 500 company with huge assets, they are safe from cyberthreats.
Small- and Mid-Sized Businesses are a Hacker’s Preferred Ransomware Target
The misconception that smaller organizations are less vulnerable couldn’t be further from the truth. In fact, many savvy hackers view small- and mid-sized healthcare and other businesses as the low-hanging fruit of the dark web. The reason for this is a practical one: Smaller organizations tend to have fewer resources to spend on security and data protection, and when it comes to ransomware, smaller businesses are less equipped with resources to deal with the loss of data that would result from not complying with the hacker’s demands.
To put it bluntly, smaller organizations pay up when they are told. They typically don’t have an army of defenses behind them to take any other course of action, so hackers see them as an easy payout.
Ransomware Demands of Small- and Mid-Sized Organizations Net Hackers Thousands per Day
A typical business day in the life of a ransomware hacker means they will send multiple low-end ransomware demands to many different targets, usually in the neighborhood of $1,000 to start. But that’s just the first demand. Hackers typically view this as a nuisance payment for the business and as a method to test the waters as to how responsive the business might be — and ultimately, how much it cares about its data.
It makes perfect financial sense for a hacker to cast a very wide net when it comes to small- and mid-sized businesses. First of all, it’s easy money. Secondly, smaller notes are more feasible for smaller businesses to pay. Even a success rate of one business ransom at $300 per day is a very profitable ROI, and it keeps ransomware hackers motivated to develop their methods and continue their attacks.
Once you pay up, regardless of how large or small the demand, you are sending a very clear message to your hacker that they are on to something — and that your business holds valuable information that you are willing to pay to rescue.
Here are a few of the most common ransomware tactics that small- and mid-sized businesses should be aware of:
What Can a Small- or Mid-Sized Business Do to Prevent a Ransomware Attack?
What Should I Do if My Business Is Attacked?
Ideally, you’ll be in a position to avoid paying up because you followed the backup rule. If you end up in the position of needing to pay a ransom to avoid losing valuable data, try to delay the inevitable by making the attacker feel that you plan to pay — and play by his rules for the time-being.
In the meantime, gather all information that you have on the attack and contact your managed IT service provider. Depending on the scale of the attack and whether sensitive patient health information is involved, you may be subject to data breach rules and reporting requirements under applicable HIPAA regulations.
If you feel your organization might be unprepared to deal with a ransomware attack, VITECH can help secure your IT network and your valuable business data. Contact us at (800) 536-2156 or send us an email at email@example.com for more information.
Fill In The Form Below for industry news, information about our services, events, webinars and more.