As one year closes and another one begins, it’s always worth sitting down and taking stock. At Somerbys IT, we do this for a number of reasons, not least to look at what the major cyber risks are likely to be for the upcoming year. This way, we can stay ahead of the game and keep our clients as safe as possible.
For 2020, it’s plain to see that one of the biggest threats is ransomware. Travelex has been all over the news lately after a cyber-breach was detected on New Year’s Eve. Hackers gained access and threatened to release customers’ personal data, including payment card details, unless Travelex paid them £4.6 million.
We are seeing more attacks on smaller businesses year on year, and whilst technology and cybersecurity advance at great pace, ransomware is right on their heels – morphing, evolving, and being operated by ever more intelligent hackers. And the statistics prove it…
According to the Bitdefender Mid-Year Threat Landscape Report, ransomware saw a 74.23% year-on-year increase from 2018 to 2019.
Cybercrime Magazine reported that ransomware damages cost the world $11.5 billion in 2019, and they predict that this figure will rise to $20 billion by 2021. This is not surprising as we also learned that companies fell victim to ransomware attacks every 14 seconds in 2019, which will increase to every 11 seconds by 2021, making “ransomware the fastest growing type of cybercrime”. But why?
Ransomware is the perfect business
Low outgoings, high ROI – what every business owner wants. And this is exactly what the ransomware market provides. The darknet sees coders selling ransomware for just a few hundred pounds. Hackers are snapping this up, knowing they can make thousands from just one attack.
As the primary revenue source for ransom gangs, it’s a quick win. Hackers access a company’s system, either via phishing emails or by identifying vulnerabilities. It silently moves through the system to encrypt the data before rendering the system totally inaccessible. The hackers then demand extortionate sums of money in exchange for a decryption code. They are clever though – they demand a sum just below the repair costs it would incur for the company. Or even better, they know that most companies now have cyber security insurance and that the insurers will pay out, so they can go to town and hit them with as high a ransom as they want.
What’s more, ransomware is a silent killer. It takes its time, and without the right levels of security, you’ll have no idea it’s happening. Hackers spent over a year collecting 18.6 million emails from David Beckham’s publicity company before leaking them to the press after the ransom demand was refused. Nobody knew that the system had been compromised until it was too late.
But hackers aren’t after you
Or maybe they are… it all depends. More often than not, they are after your clients. Think about it.
The ransom gang that hit Travelex didn’t want details about Travelex itself – they wanted the data the organisation held – the extensive database containing payment card details to use as ransom. In the David Beckham case, the hackers weren’t after his publicist’s details – they were after David Beckham’s details.
So, the excuse of ‘we’re too small to be a target’ doesn’t wash. You could be a sole trader and still suffer a breach if the data you hold is powerful enough. From universities to hospitals, governmental bodies right through to a local hairdresser with just one high profile client, everyone is at risk.
Ransomware is brutal. As a business owner, it can leave you between a rock and a hard place – pay up or go bankrupt. If you think you can’t afford cyber security in 2020, the simple truth is that you can’t afford not to.
Our friendly team at Somerbys IT is here to talk to you about the right level of cyber security for your company. Get in touch today for a chat.