November 03, 2017
Cyber Extortion: The New Threat to SMBs
There’s no doubt that ransomware is still a worldwide epidemic, as we found in our State of the Channel Ransomware Report. My discussions with MSPs and end users indicate that the threat of ransomware is stronger than ever, and the stakes have never been higher.
Recently, an MSP at a roadshow in Cincinnati told me about one of his clients, a family-owned flower shop that suffered a $3,000 ransomware attack. They didn’t have the proper BDR technology in place or the ability to pay the ransom demand. With limited cash flow, this was the straw that broke the camel's back, and they were forced to close their doors and walked away after 15 years.
This incident stuck with me and got thinking about how we all got into this situation. What was the trigger that has allowed these thieves to start doing this? It comes down to cryptocurrencies like bitcoin. I’ve spent more time becoming familiar with cryptocurrencies recently and how they facilitate extortion. Yes, I said extortion.
For the channel and end users, I’ve started drawing the correlation to old Hollywood gangster movies. We’ve all seen them, gangsters extort money from a small business owner using an implied threat of violence. “You wouldn’t want your store to burn down, would you?” Of course, the small business owner has no choice but to pay up and the thieves. What we’re dealing with today is no different. Hackers are extorting money from small businesses.
This is cyber extortion. Thieves pick on SMBs because they often do not have the means to defend themselves. The SMB owner can’t possibly stay on top of all the things they can leverage to protect their IT infrastructure, and cryptocurrencies are making it difficult to track and slow these criminals down.
Here’s a bit of advice. Never, and I mean NEVER pay the ransom. First, when you pay the ransom, you are letting the thieves know that they have a fish on the line. You have money, and you value your data. They’ll come back again and again. Even if you pay the ransom, there is a significant chance you won’t get your data back anyway.
Add into all this that the amount of ransom is insignificant compared to the downtime you suffer as a result. 75 percent of MSPs report clients experienced business-threatening downtime as a result of a ransomware attack.
Here’s the good news for business owners. There are affordable plans and technologies in place that can prevent and recover from such attacks. The first step is to get serious about your technology. It’s not going away. Along with the good things technology does to enable businesses, it also comes with more of the bad. A proper security BDR solution by a local expert that can stay on top of the evolving threats is critical to success, keeping your doors open and keeping YOUR money in YOUR pocket.