SMEs need to confront the threat of ransomware

confront the threat
© Benjawan Sittidech

AJ Thompson, CCO of Northdoor plc, discusses why ransomware is not just an enterprise problem and why SMEs need to confront the threat

The last few months have been full of high-profile stories of large public sector organisations and enterprise-level companies being hit by ransomware cyber-attacks. The likes of Acer, AXA Insurance Group, Colonial Pipeline and the Irish Health Service Executive have dominated the headlines, with each company also taking very different approaches to how they deal with the attacks. What these high-profile attacks have done though is mask the reality of ransomware and who cybercriminals are primarily targeting.

SMEs at real risk of cyber-attack

At the start of 2020 there were nearly six million small businesses (0-49 employees) in the UK making up 99.3% of the total business. They account for three-fifths of the employment and around half the turnover of the private sector. SMEs employ 16.8 million people and have a turnover estimated at £2.3 trillion.

SMEs then play a critical role in the UK, heavily contributing to the economy. However, they are at most risk of being targeted by cyber-crime and with cybercriminals upping their efforts and the level of sophistication of their attacks, more needs to be done to protect this important group of companies.

SMEs are vulnerable to cyber-attacks for a couple of reasons.

  1. Understandably, they have less resource to spend and allocate to cyber defences
  2. A slight naivety that as a smaller business they will not be targeted by cyber crime
  3. They still hold sensitive and valuable data that is hugely desirable to cybercriminals

As a result of the above points and with cybercriminals always looking for the easiest route to gain access to data and infrastructure, SMEs are increasingly at real risk of being attacked. Of course, the impact of any attack is also amplified by the size and resource of the SME.

Government survey found that the average annual cost for businesses that lost or assets after a breach was £8,460. A drop in the ocean for larger companies, but for SMEs a major hit on their bottom line. Add to this the impact on reputation with customers and suppliers and it is clear that SMEs are at risk, not only of losing money, but losing their entire business. A US Government survey found that a disturbing 60% of companies go out of business within six months after falling victim to a data breach.

Ransomware attacks are on the increase with some stating that ransomware attacks occur every eleven seconds. What can SMEs do to protect themselves?  

It not just cyber defence; cyber resilience is key

For SMEs with limited budget, understanding what is going to best protect them, before, during and after a ransomware attack is crucial. It is clear that some form of cyber defence is critical as without it SMEs are simply leaving the door open.  However, cyber defences can only counter known threats and methods of attacks, and even then, only if companies are routinely implementing updates and patches. This reactive approach is always going to be behind the curve of increasing sophisticated attacks though. The cybercriminal tends to be one or two steps ahead of defences, so sitting behind firewalls and anti-malware software can no longer be considered an effective approach.

Some SMEs, especially those in particularly vulnerable sectors where the data they hold is considered hugely valuable by criminals (insurance and financial services), are turning to cyber resilience services. Cyber resilience identifies the key data within businesses’ infrastructure and claims it. The solution takes the business-critical data collected and holds it in separate offline silos, ensuring that the data is inaccessible to criminals who might gain access to infrastructure.

The way the data is collected also means that the silo is only open for the split second it needs to grab what it has identified as business-critical information. Other approaches mean that portals are almost constantly open, gathering all data, offering cybercriminals an easier route in.

The advantage of cyber resilience is that the most business-critical data is safe, isolated and away from the hands of any criminals that successfully get through defences. This is the data that organisations need to ensure that they can carry on working, offering services and support, before, during and in the aftermath of any cyber-attack.

Business resilience in the face of increasing attacks

Resilience has been the keyword for all SMEs over the course of the last year. By showing resilience SMEs have been able to continue through uncertain and ever-changing times. This resilience should be taken into protecting data, which is now more valuable and sensitive than ever before.

By using cyber resilience tools SMEs can have some peace of mind that they are building more resilience into their business. Cyber resilience not only helps to keep the cybercriminal out, but also ensures, in the worst-case scenario, that the most business-critical data is safe, allowing SMEs to continue working in spite of the success attack, mitigating damage to infrastructure, reputation, and finances.

LEAVE A REPLY

Please enter your comment!
Please enter your name here