Bomaderry: 02 4421 5866 | Moss Vale: 02 4868 1366

Business Advice, tips and advice - Concepts and Insights to help your business

Secure your Business

Ransomware-as-a-Service? Secure your Business

Reading time: 3 - 5 minutes

In our blog article last year we asked the question, ‘How’s your cyber hygiene?’. We referred to the very public ransomware attack of Garmin that crippled their business for days that cost them millions of dollars.

That cyber attack encrypted and shut down Garmins internal systems and prevented customers from accessing their critical online services. Garmin never confirmed if it paid the requested $10 million ransom but, in less than a week it seemed they had accessed the decryption key and started restoring their systems.

At the time that was a high-profile ransomware attack but sadly such attacks have become more and more common.

The Garmin Security Breach is now one of many high-profile ransomware attacks targeting large organizations. In fact, 2021 saw some record breaking attacks with organisations such as SolarWinds and the discovery of the Log4j critical vulnerability that plagued Minecraft gamers.

But, importantly one emerging trend is that cyberattackers are no longer just targeting the Fortune 500 companies. It seems that small and medium businesses are proving to be highly lucrative for ransomware attacks as well. 

And this makes sense…

Blue chip companies and governments are pouring huge resources into cyber security, much more than most SMB’s can even think about. This makes SMB’s prime targets and, from the attackers perspective, sitting ducks.

The year-on-year explosion of ransomware attacks has attracted the attention of some very talented, unscrupulous coders. And it’s a big business. So much so that ransomware-as-a-service (RaaS) is now ‘a thing’. Modeling itself on the proven software-as-a-service model, it’s a subscription based service whereby the creator of the ransomware tool, or their affiliates, earns a percentage from each successful ransom payment.

How do they work?

As you would expect, it all starts with a clever piece of ransomware that is usually developed by some highly skilled individuals. The software developer then signs up an ever growing number of ‘affiliates’ who then distribute the ransomware for deployment.

Phishing attacks remain the most likely way that breaches occur. This involves stealing sensitive information such as passwords and payment related details. The most common way of achieving this remains via email i.e. sending emails that appear legitimate but contain a link that activates the ransomware.

Once the ransomware is unwittingly downloaded it will move rapidly through the compromised system. It will disable antivirus software and firewalls and can even trigger the autonomous downloading of further remote access components. This can all happen without detection for some time…

Simply put, this is when the extortion begins.

Should you pay the ransom?

This is a tricky one and our advice is of course to try to avoid ever being in a situation where you’re forced to make such a decision. 

Of course, your IT provider should be your first call, followed closely by the authorities who should always be notified if you are the victim of such a crime. However, the ultimate decision as to whether to pay or not will rest with you, the business owner.

Keep in mind… these cyber criminals are obviously immoral and untrustworthy types to start with so there’s no guarantee that you will be given the decryption key. They may ask for more money once you’ve paid their first request.

How to protect yourself from ransomware attacks?

As we referred to in our previous blog, given the most common nature of these attacks (phishing), staff education is really important. 

Naturally, ensuring you have defenses in place to help prevent and detect such attacks is crucial. Keep in mind, this is an ever evolving landscape and RaaS is a BIG business so it's important to constantly monitor your IT ecosystem. This includes staff access, operating systems, software, network security and data protection.

Additionally, the Government is increasing its demands of businesses within Australia and wants to see how a business protects and then monitors its systems to detect and respond to any breaches.

 New and growing mandatory requirements are being implemented for cyber security which will also affect businesses contracts with their suppliers, sub-contractors and other service providers.

The Takeaway?

Owners and managers of businesses need to ensure that adequate precautions and systems are in place to protect against these modern and pervasive digital threats. You can be sure that those behind attack technologies such as RaaS see it as a very large, growing and lucrative business. 

Therefore, the best counsel we can offer as business advisors is to select a suitable IT partner who is able to protect your business, advise and educate individuals and support you whilst you continue to grow it.

 

Do you have the right systems in place to protect your business. Contact us for professional business advise.

icon blogs

factsheets

videos