As the owner of a small to medium-sized business (SMB), you might think that only large corporations are primary targets for hackers. The truth is, 43% of all cyberattacks in 2023 were specifically aimed at SMBs, but these attacks don’t make the headlines.
Ransomware attacks on the rise
Today, ransomware attacks continue to pose a significant threat to SMBs. Depending on the type and severity of the attack, a cyber incident on an SMB typically costs from $25,000 to as much as $3 million, most of which is a result of suspended operations. According to a recent report, ransomware attacks and ransom payments doubled in 2023 and continue to be one of the top cybersecurity threats in 2024 – with no signs of slowing down.
Unfortunately, SMBs (classified as businesses with fewer than 100 employees for small organizations and 100 to 999 for midsize enterprises) typically lack the resources and robust cybersecurity measures needed to detect and mitigate a ransomware incident effectively. As a result, they are often the victims of such attacks.
What is a ransomware attack?
Ransomware is a cyberattack where malicious software (malware) encrypts a business’s files and data, rendering them inaccessible and causing a business to suspend most or all operations. The hacker then demands a ransom payment from the business for a decryption key to unlock their files. More than a disruption, a successful ransomware attack can have severe consequences for an SMB that include:
- Financial Losses
  Any downtime for a business leads to a loss of revenue and increased costs. In addition to the financial loss from suspending operations, a ransomware attack can also cost a business the price of the ransom being demanded.
- Reputational Damage
  Customers of a business that has been compromised by a ransomware attack can lose trust in the organization. This can damage a business’s reputation, causing customers to go elsewhere.
- Legal & Regulatory Issues
  Businesses found non-compliant with data protection laws can be subject to legal fees, regulatory fines, and penalties.
- Permanent Data Loss
  Ransomware encrypts critical files and makes them inaccessible to the business until the ransom is paid or the situation is resolved. If the organization fails to recover its data and lacks a system for backing up critical information, it could be permanently lost.
For example, a food delivery service suffered a ransomware attack. The criminals demanded a payment in return for unlocking the files, which the company declined to pay. In response, the criminals destroyed the company’s data, including customer information, pending orders, delivery routes, and financial information. The costs of the suspended operations and additional expenses to rebuild the data exceeded $900,000.
How to protect against ransomware attacks
As threats continue to evolve, SMBs need to be proactive in their efforts to protect against a ransomware attack with:
- Multifactor Authentication (MFA)
  Implementing MFA for all employee user accounts (particularly email) and all administrator account access is a critical protection. MFA adds an extra layer of security by requiring users to provide two or more pieces of evidence to prove their identity when accessing a company device or account.
- Employee Training
  Educating employees and building awareness regarding phishing emails, suspicious links, and other unsafe online practices is critical.
- Data Backups
  Ensure that your business has a regular and frequent process for backing up and securely storing critical data, separate from your daily network and systems, so that a backup copy cannot be encrypted along with the originals.
- Patches & Updates
  Regular system updates and security patches are critical and easy to implement. Systems that aren’t regularly updated can leave a business vulnerable to a ransomware attack.
- Access Control
  Employees should only have access to the systems they need to do their jobs. Always limit user privileges to what is necessary for an employee’s role.
- Email Filtering
  A robust email filtering solution acts as a gatekeeper for an employee’s inbox, helping ensure that potentially harmful emails and links aren’t delivered. Instead, malicious emails are automatically routed to a quarantine, spam, or junk folder.
- Reliable Antivirus & Anti-Malware
  These software programs are the first line of defense against ransomware attacks. Ensure that protections are installed on all employee devices.
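The "Data Backups" item above is the control that decides whether an SMB can recover without paying, and a backup is only useful if it is stored separately and checked before it is needed. The following Python script is an added example, not code from the article or from eSpecialty: it snapshots a source folder into a separate backup location with a SHA-256 manifest, then verifies the backup copy against that manifest so that a backup file that has been encrypted, deleted, or replaced is detected before a restore is attempted. The directory names, the `manifest.json` filename, and the sample files in `demo()` are all constructed for illustration.

```python
"""Backup integrity check: hash manifest, separate copy, verified restore.

Added example (not from the article). Hypothetical workflow: (1) copy a
source tree into a separate backup location together with a SHA-256
manifest, and (2) verify the backup copy against the manifest so a copy
that ransomware has encrypted or deleted is noticed before it is relied on.
"""
import hashlib
import json
import shutil
import tempfile
from pathlib import Path

MANIFEST_NAME = "manifest.json"  # constructed name used by this example


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large backups do not load into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each regular file under root (relative POSIX path) to its SHA-256."""
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and p.name != MANIFEST_NAME:
            manifest[p.relative_to(root).as_posix()] = sha256_file(p)
    return manifest


def backup(src: Path, dst: Path) -> dict:
    """Copy src into dst and write a manifest alongside the copies.

    dst should be a location the production network cannot write to after
    the copy (offline disk, immutable object storage); that isolation is a
    deployment decision this script cannot enforce by itself.
    """
    dst.mkdir(parents=True, exist_ok=True)
    manifest = build_manifest(src)
    for rel in manifest:
        target = dst / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src / rel, target)
    (dst / MANIFEST_NAME).write_text(json.dumps(manifest, indent=2))
    return manifest


def verify_backup(dst: Path) -> dict:
    """Compare the files in dst against its manifest.

    Returns {"missing": [...], "modified": [...], "unexpected": [...]};
    all three lists empty means the copy is intact and safe to restore from.
    """
    expected = json.loads((dst / MANIFEST_NAME).read_text())
    actual = build_manifest(dst)
    return {
        "missing": sorted(set(expected) - set(actual)),
        "modified": sorted(r for r in expected if r in actual and actual[r] != expected[r]),
        "unexpected": sorted(set(actual) - set(expected)),
    }


def demo() -> tuple:
    """Constructed scenario: back up three files, then simulate a backup copy
    that ransomware has overwritten, deleted from, and dropped a note into."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "live"
        dst = Path(tmp) / "backup"
        (src / "routes").mkdir(parents=True)
        (src / "orders.csv").write_text("id,customer,total\n1,acme,19.99\n")
        (src / "routes" / "monday.txt").write_text("depot -> north -> east\n")
        (src / "ledger.txt").write_text("balance 1000\n")
        backup(src, dst)
        clean = verify_backup(dst)
        # Simulated tampering of the backup copy (constructed, not real malware).
        (dst / "orders.csv").write_bytes(b"\x00ENCRYPTED\x00")
        (dst / "ledger.txt").unlink()
        (dst / "READ_ME.txt").write_text("pay us\n")
        tampered = verify_backup(dst)
    return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("after backup:   ", before)
    print("after tampering:", after)
```

Running `verify_backup` on a schedule (and again right before any restore) turns the "regular and frequent process" into something measurable: a non-empty `modified` or `missing` list means that copy must not be trusted and an older, isolated copy should be used instead. The manifest is stored with the backup here for simplicity; keeping a second copy of it somewhere the backup host cannot write to makes the check harder to defeat.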
Cybersecurity insurance
Despite the most robust measures, ransomware attacks can still occur. In addition to covering the extortion payment, a comprehensive cyber insurance policy will cover business interruption expenses and costs associated with investigating the attack, notifying affected customers, and credit monitoring. It also covers legal fees, settlements, court judgments, and regulatory fines for noncompliance.
The eSpecialty team recently handled a small business client who suffered a ransomware attack due to an inadvertent click on a link. The 24/7 incident response team had the client’s systems and data fully functional in hours, with no loss of services or data. These services are an important consideration when purchasing a cyber insurance policy. A package from a leading underwriter will typically include risk mitigation services and 24/7 incident response resources at no additional charge.
Not sure where to get started? Take a look at our Cyber Insurance Application Checklist.
About eSpecialty Insurance and Bob Sargent, Founder and CEO
eSpecialty Insurance was established to revolutionize the customer journey in specialty insurance. With decades of experience as an underwriter and broker addressing unusual, complex, and challenging cyber exposures, I’m helping SMBs like yours secure the most comprehensive cybersecurity solutions at competitive rates.
Email [email protected] or call (435) 252-1077 to learn more.