One of the most notable security trends over the last few years is the rise of ransomware. Many major news stories about cybersecurity have been on this threat, from the WannaCry attack that affected the NHS in 2017 to the earlier CryptoLocker attack that hit in 2013.
You might have also seen recent stories about ransomware attacks against Blackbaud and Garmin. With both businesses widely believed to have paid millions in ransoms to retrieve their data, this is a lucrative enterprise for criminals.
It is also becoming more accessible for them. Ransomware-as-a-Service (RaaS) offers would-be cybercriminals a prepackaged solution that enables them to launch attacks.
This means that attackers do not need much technical knowledge to cause serious damage to businesses. RaaS represents a dangerous new trend that poses threats to smaller businesses. According to SC Magazine, one of these services, Dharma, can demand ransoms of up to $8260.
It is clear that these threat actors are not going away any time soon, not when their business model offers a lot of financial potential. The question now is what can SMEs do to protect themselves?
The answer is quite a lot. Good security practice can go a long way in mitigating against this type of threat. That means ensuring critical systems are backed up with an offline solution, patch management, monitoring for signs of attack, and ensuring that firewalls and VPNs are properly secured.
And remember: if you are affected, then you can get in touch with 3B Data Security for an excellent incident response solution.
As Ransomware-as-a-Service (RaaS) has simultaneously grown more powerful and easier to use, just about anyone can launch successful, damaging ransomware attacks on organizations. Small and medium businesses are particularly vulnerable to the widening variety of tactics –from the “spray and pray” favored by Avaddon to the mass-market-based business model used by Dharma RaaS.