Canadian Underwriter
News

One cryptomalware attack can cost a small- or medium-sized business up to US$99,000: Kaspersky


September 9, 2016   by Canadian Underwriter


Print this page Share

One cryptomalware attack can cost a small or medium business (SMB) up to US$99,000 on average, according to recent research from global cybersecurity company Kaspersky Lab.

Ransomware Phone Hacked by Cryptolocker VirusAnd “despite the fact that cybercriminals do not guarantee the return of corporate data, 34% of entrepreneurs admitted paying extortionists,” Kaspersky Lab said in a press release earlier this week. The Corporate IT Security Risks 2016 study, conducted with market research company B2B International, involved a survey of more than 3,000 global representatives of SMBs.

Kaspersky explained in the release that the total damage caused by cryptomalware infection is a combination of a variety of factors, including partial or complete suspension of operations (internal business processes, financial transactions, etc.); the loss of valuable data (financial and project documents, customer or partner databases, etc.); reputational risks and more.

“In fact, the total amount of damage can be divided into two parts: the ransom and the related losses,” Kaspersky said. “The amount of related damage is, to a large extent, affected by shortcomings in the preventive work of the IT staff (poorly administered systems, outdated or missing backups, unreliable passwords, irregularly updated software, etc.).”

According to the Corporate IT Security Risks 2016 research, over 30% of SMB representatives reported the loss of a significant amount of data due to cryptomalware.

“As we can see, almost one-third of SMBs still believe that paying the ransom is the most cost-effective way of getting their data back,” said Vladimir Zapolyansky, head of SMB marketing at Kaspersky Lab, in the release. “The reality, however, is that the total damage for companies ends up being much greater and there is still no guarantee of recovering the corporate data in question. As criminals increase their efforts to make money by using cryptomalware, small and medium businesses should take preventative measures to minimize the risk of becoming yet another victim.”

The report noted that in 2015 and early 2016, Kaspersky Lab registered a “large number” of cyber incidents involving ransomware. Compared to the period of 2014-2015, the number of ransomware-based attacks on the corporate sector increased sixfold.

Related: Businesses spend more than half a million U.S. dollars to recover from a cyberattack: Kaspersky Lab

For the most recent study, 42% of very small businesses and 49% of SMB representatives said that they consider cryptomalware to be “one of the most serious threats that their organization can face.” Overall, about 67% of SMB representatives have reported “complete or partial loss” of corporate data due to cryptomalware.

SMBs, however, can adopt several tactics to deal with the threat of fast-paced cryptomalware, according to Kaspersky:

  • The threat should be addressed with basic IT security staff training. Staff should be educated so that they exercise caution when opening suspicious emails and unknown links, especially as cybercriminals often distribute cryptomalware via fake email messages mimicking notifications from an online store or a bank, or imitate ordinary communications. Enabling antispam settings also helps to avoid IT incidents;
  • Put a process in place to create and safely store backups. If an IT incident occurs, the restore point could save almost all important files, including accounting documents, client data, legal documents, etc. The regular backing up of critical records is essential;
  • Control access to corporate data. Most companies use shared folders to create a central space for employees to collaborate on files. Restricting access helps to prevent the spread of cryptomalware. If the workstation is infected, ransomware can cause less harm to the system partition or the operating system, due to a lack of administrator rights;
  • Update software on all devices to the latest version. Cybercriminals try to exploit vulnerabilities in software to compromise systems. This relates to the operating system, browser, and other widespread office programs. Regularly updating the patches could help the company to avoid these IT threats; and
  • Use professional software. These solutions leverage cutting-edge technologies, enabling multi-layered protection from known and existing threats, including cryptomalware.