It’s not a new phenomenon but last week’s WannaCry attacks, which brought havoc to the NHS and thousands of other organisations, also brought ransomware sharply into the spotlight.
Like other malware of this sort, WannaCry threatened to permanently delete locked files unless a payment was made. The unequivocal message from the UK’s National Crime Agency for any individual or business affected by ransomware is not to pay. Apart from the ethical considerations in paying a ransom of this kind, there is absolutely no guarantee that you would get your files back anyway. The reality is that there is no doubt many did pay up.
As malware attacks go, WannaCry was widespread but not hugely sophisticated, and the effects could largely have been avoided with some pretty basic safety measures. Good quality IT support and cyber security services can advise businesses of all types how to improve their defences against ransomware and other types of cyber crime.
Many SME owners and decision-makers seem to think their businesses are too small to become targets but this simply isn’t the case. According to a report by business ISP Beaming, nearly 3 million UK businesses of all shapes and sizes were affected by cyber crime last year, at a cost of £29.1 billion.
It is true that larger businesses are more likely to be targeted. 71% of businesses with more than 250 employees were attacked in 2016 but almost a third of micro-businesses with fewer than 10 employees were also affected. Additionally, larger companies tend to have more resources to deal with cyber attacks and the costs can be proportionally far more serious for smaller businesses. Medium-sized enterprises fall right in the middle and adequate cyber security measures are becoming ever more essential.
Beaming’s survey found that phishing was the most common type of cyber attack experienced by businesses last year, affecting almost 1.3 million victims.
This was followed by computer viruses, hacking/data breaches, denial of service attacks and social engineering. Ransomware was the sixth most common form of attack, with nearly 390,000 business victims. Despite the publicity surrounding the WannaCry attacks, it remains the tips of the iceberg and businesses of all sizes should remain vigilant.