Ransomware is becoming a big problem for small businesses in 2021. But most companies don't realize it.
The second half of 2021 saw cybercriminals using ransomware to target more SMEs than large companies. A major reason for this shift is to avoid the national political and security responses resulting from attacks on prominent targets (like the Colonial Pipeline). Instead, the criminals are starting to target smaller companies that aren't as nationally renowned and won't cough up as much money as their bigger counterparts.
Why? Because COVID has led these companies to adopt remote work arrangements and rely on remote desk protocols (RDPs) to continue functioning, without setting up the defenses needed to secure their remote credentials properly. The lack of security and data backups makes them sitting ducks - criminals find them easier and cheaper to attack.
Ransomware like the Dharma virus is easy-to-use, requires little coding expertise, and is known for numerous attacks on SMEs. This virus isn't sneaky like the Trojan. Rather, it employs brute force in breaking down your system's RDPs, passwords, and security software. As mentioned earlier, several small businesses have poorly secured RDP ports, allowing ransomware players to easily hack into them or buy the credentials on the darknet.
According to Coveware's quarterly ransomware report, almost 44% of attacks have happened to firms with 101-1,000 employees, and 35% have occurred to firms with 11-100 employees. These firms include small professional service companies, public entities, and healthcare providers.
These numbers prove that:
-
Small businesses are never too small to be targeted.
-
Criminals can and do use ransomware to attack several SMEs for smaller ransom amounts - after a while, the dollars add up.
-
SMEs are less likely to invest in sophisticated cybersecurity defenses or have enough cyber liability insurance to survive a ransomware attack.
-
SMEs are more likely to give in and pay the ransoms, which may be less expensive than fixing the systems themselves - although that trend may start to decrease as people are beginning to realize that cybercriminals often leak or destroy data even after receiving ransoms.
All is not lost, however. Cybersecurity measures and protocols are available all over the world to help you ward off cyber attacks. Cyber insurance is another, possibly cheaper, option for small businesses that need to control damages in the aftermath of a ransomware attack.
Carriage Trade Insurance specializes in helping small employers like you shoulder the risk of cybercrime and help your company get back on track after an attack. Talk to a friendly professional and find out how Carriage Trade can help secure your company's operations.