The business segment is becoming a more and more attractive target for cipher-malware developers. According to a Kaspersky Lab report based on Kaspersky Security Network (KSN) data, the number of attacks against the corporate sector 2015-2016, compared with 2014-2015 has grown six fold (from 27,000 to 158,000). Thus, ransomware tried to encrypt the data of every tenth B2B user.
Cyber-criminals using ransomware have begun to attack businesses more frequently, particularly small and medium-sized companies. This trend is confirmed by the IT Security Risks 2016 study from Kaspersky Lab and B2B International, during which 42% of the global respondents from small and medium-sized businesses agreed that cryptomalware was one of the most serious threats they faced last year.
For small companies, any data unavailability – however brief – can lead to significant losses, or bring their entire operations to a halt. If a company has not been taking due measures to ensure the safety of its important information, purchasing the decryption key from cyber-criminals can be the only way to recover data. However, this does not guarantee complete data recovery. The best way to protect your company from malware is to prevent the attack in the first place.
Small and medium-sized companies should follow several simple safety rules:
- Make regular backup copies of all important files. Companies should have two backups: one in the cloud (for example Dropbox, Google Drive, etc.), and another on an additional server or on removable media if the data volume is not too big.
- Trust well-known and respectful service providers who invest into security. Usually, you can find security recommendations on their web-sites, they publish 3rd party security audits on cloud infrastructure. Don’t assume the cloud provider can’t have security, availability or data leakage problems. Raise a question what do you do if security provider losses your data. There should be transparent data backup and restore processes together with data protection and access control.
- Avoid using only free security and anti-malware software: small businesses expect the basic security tools offered within free solutions to be sufficient. Free tools do provide basic protection, but they fail to provide multi-layered security support. Instead, take a look at dedicated solutions: they do not require a large financial outlay, but deliver a higher level of protection.
- Regularly update your OS, browser, antivirus, and other applications. Criminals use vulnerabilities in most popular software to infect user’s devices.
- Prevent IT emergencies – invite an expert to configure security solution for your company. Small businesses usually don’t have an IT department or full-time dedicated administrator, they simply rely on the techiest person in the office to take care of the computers, in addition to his regular duties. Don’t wait until something breaks, use IT support from an IT service provider to review your software and security configuration in advance.
“Crypto-malware is becoming a more and more serious threat, not only does an organisation loss money for ransoms but business can be paralysed during files recovery. There is a wide attack vector including web, mail, software exploits, USB devices, and others. To avoid infection, you personnel should explain where attacks come from and that employees should not open email attachments, visit untrusted web resources or plug USB devices into unprotected computers. Anti-malware solution is an essential measure to avoid majority security incidents”, — noted Konstantin Voronkov, Head of Endpoint Product Management Kaspersky Lab.
If you have had your corporate files ciphered, it is worth checking whether it is possible to recover them by using free utilities or decryptor keys from noransom.kaspersky.com.