Ransomware has risen to be one of the most severe types of cyberattacks that a company can get hit with. In most cases, work stops, all the company’s processes come to a screeching halt, and thousands of dollars are lost each hour that ticks by without remediation.
In the past 12 months, the costs of ransomware remediation have more than doubled, from $761,106 in 2020 to $1.85 million so far in 2021. The average ransom paid in 2020 was $170,404.
Protecting against ransomware attacks has become a high priority in any business network security strategy. Already in 2021, there have been two high-profile ransomware attacks that have impacted millions of consumers. One of these was on Colonial Pipeline, raising the price of gas to over $3.00 per gallon nationwide. The other was on JBS (Pilgrim’s Pride, Swift, etc.), the world’s largest producer of beef and pork.
What’s making ransomware worse?
A big part of the increase in attacks and associated costs is a new model called Ransomware as a Service (RaaS) being offered by large criminal organizations and state-sponsored hacking groups like REvil.
The volume of ransomware attacks grew 485% in 2020.
Any Denver or Charlotte business owner needs to know what’s driving ransomware so they can take all tactics possible to protect themselves from an attack.
Ransomware as a Service (RaaS) Explained
RaaS is a model that follows the same idea as software as a service (SaaS). With the SaaS model, companies pay a monthly subscription for access to cloud-based business tools. The tools are always kept updated and they typically have access to customer support, FAQ resources, etc.
With RaaS, the ability to conduct ransomware attacks, including the assets and code needed to perpetrate the attack, is available for a fee. This could be a flat fee or a monthly subscription fee.
What RaaS does is democratize ransomware attacks. No longer does a person have to hold expertise in hacking or be able to craft and deploy code on their own. Instead, they simply subscribe to a RaaS platform, and everything is packaged for them and ready to go.
This service model is directly responsible for the explosion of ransomware attacks. RaaS is estimated to now account for nearly two-thirds of all ransomware attacks.
Ransomware Has Become a Business Model
Ransomware has become big business, in part due to the fact that a majority of companies end up paying the ransom because they’re unprepared and desperate to get their operations back up and running.
There are multiple RaaS affiliate schemes out there and they’re now competing with each other, just like cloud software companies do. So, one service might run a sale, attracting even more wannabe criminals.
RaaS offers many of the same types of features as SaaS platforms, including:
- Help desk support
- Flexible pricing models
- Affiliate commissions
- FAQ & tutorial videos
- User help forum
Pricing for RaaS hacking packages can vary, but some start at as little as $40 per month. When you compare that to the average paid ransom being over $170,000, it’s a great deal for someone wanting to try their hand at a big ransomware score.
How Can You Improve Your Defenses Against Ransomware?
Monitor Your Data Backups
One big mistake that many companies make is to start their device backups and then never check them again until they need to restore data.
Backups can fail for many reasons, including running out of space, the user accidentally turning it off, software conflicts, and more.
It’s important to have your backups monitored to ensure all data is being properly captured.
Go Through Data Restoration Drills
In the case of Colonial Pipeline and JBS, both companies had a data backup, but they paid $4.4 million and $11 million respectively to the hackers anyway. Why? Because they thought it would restore their operations faster than trying to restore via their backup.
You should go through the data restoration process of your backup regularly for these reasons:
- To ensure you’ve chosen the right backup system that has a fast recovery
- To get your team familiar with the data recovery process
- To speed up the response time of your team, so data recovery is like clockwork in the case of a ransomware attack
Use Cybersecurity Best Practices
It’s important to not let your guard down when it comes to combating ransomware. This means putting systems in place to protect endpoints, reduce the impact of phishing emails, and ensure that cloud environments are secure.
Standard best practices include things like:
- Advanced firewall
- Antivirus/anti-malware
- Email filtering
- DNS filtering
- Use of multi-factor authentication
- Employee awareness training
- Network and endpoint monitoring
Get a Security Check from Rocky Knoll Technologies
Is your IT security strong enough to withstand today’s sophisticated ransomware attacks? Rocky Knoll Technologies can help your Charlotte area business reduce risk with a full review of your current security and recommendations to protect your devices and data.
Contact us today to schedule a free consultation. Call 704.594.7292 or reach us online.
