Canadian Companies More Likely To Pay Ransomware Demands
The following findings were the Canadian portion of a study of 540 respondents in 4 countries, and it seems Canadians were more likely to pay ransomware demands. The study was undertaken by Osterman Research, published by Malware Bytes and reported on by Profit Guide.
In this small study of 125 Canadian respondents:
- 44 had a ransomware infection
- 33 paid a ransom between $1,000 - $50,000
- 11 shut down their business to deal with the infection and effects
- 5 were in healthcare, an industry which cyber security analysts speculate will see a rise in attacks in 2017, which we touch on in this post on how to reduce your risk of ransomware here
Many businesses don't have adequate data backup and are forced to pay ransom to retrieve their files.
Other organizations have backup setup, however it is attached to their computer network and some variants of ransomware can locate and encrypt such backup files, leaving victims without any files to recover data from.
Kaspersky studies have shown the average cost of network breach to be $38,000. By comparison, the cost of IT Security improvements to greatly reduce risk for small business are only $2,000 - $6,000. In 2016-2017, small business owners and small nonprofit boards should hire professional help to undertake network security audits and improvements. Teams without an in house IT employee should also consider Managed IT Services for ongoing prevention and support.
In 2013, there were only two ransomware families: Cryptolocker and Cryptowall.
In the first half of 2015, nine new ransomware families emerged:
- CoinVault 2.0
Ransomware continues to rise and remains highly lucrative for hackers. These viruses continue to evolve and have been refined to the point where they are now completely automated and carried out through the dark web. Digital criminals collecting ransoms via cryptocurrencies such as Bitcoin can't be tracked by law enforcement.
Sometimes it can feel as though there is no stopping a hacker if they want to get to you- and to a certain extent that is true of a very skilled hacker. As a small business owner, you have a responsibility to show due diligence in protecting the data you house and taking reasonable measures to secure your network and block most would-be attackers.
There is plenty you can and should do. Start with an IT Security Audit by a qualified consultant, and get a firewall for small business installed.
Prevention is key with cryptolockers, malware and viruses. The ongoing rise of these threats means better network security solutions are needed by most small businesses.
Your network security should be thoroughly reviewed every 1-3 years. If you are past due, call your IT provider today.
Canadian Data Breach Reports
Breach Level Index is an online database that stores and shares information about network security breaches, and they reported that in 2014, in Canada, 57 incidents resulted in 276, 789 data records being stolen from government agencies, healthcare agencies and banks.
Security experts speculate that the actual number of data records stolen and network security breaches is actually much higher, because organizations are not obligated to report breaches. In particular there are concerns around the small business community.
In Canada, the definition of a small business is any organization with 1-500 employees and sales of $30,000 to $5,000,000 per year. As you can imagine, these companies store valuable client data.
Data Loss Statistics
Data loss happens. And it isn't just caused by ransomware. Recent data loss statistics show that 40% of data loss is caused by hard drive failure. Another 20% is caused by user error. If you don't have data backup, or if you aren't sure you've got it quite right, you could be in for an unpleasant surprise.
Imagine, one moment you're working away, and the next, all your data is gone. What would you do? What would it mean for your business?
Did you know that 40% of businesses that experience a data loss never re-open their doors?They are forced to pack it up and close, because recovering from a data loss event can be like recovering from a natural catastrophe. Don't pack it up, back it up. Protect yourself.
As you can see, the average value of a data loss event is $3,400, plus the cost of the tech support call and attempted recovery (which can take many hours and cost quite a bit).
You still have the damage to deal with, the disruption to your business, and the potential loss of reputation, especially if you have to report the data loss event to your paying customers.
We all think a data loss event or data back up failure won't happen to us, but they happen everyday. It makes financial and business sense to pay a professional to help you set up an automated data back up system today - before a loss.
Work with a qualified IT consultant to setup your disaster recovery systems before you need them.
Small Businesses And Data Safety
Small businesses are in fact being targeted by online hackers because they are known to not be investing in network security the way that they should be. It is also well known that small business organizations with under 20 employees generally do not have an in-house IT department or a full-time IT employee on staff, and so they tend to fall behind with server security updates and network security updates. They also tend not to invest in user security awareness and training. So not only are their overall network defenses weaker, their users may be more likely to click or enable viruses that come through email attachments and web pages.
Small business network security breaches are of real concern not just to the organization storing data, but to us as the consumers who are sharing our data with these organizations. Are they storing it securely? And it's not just data on servers and computers. What about payment data? PCI compliance is not yet mandatory across all credit card processing agencies. While TUCU is PCI compliant, not every small business is. Are the companies you do business with managing your data securely?
If you are a small business owner you may or may not be up to date with your server and network security settings. If this is something you feel you need help with, please talk to an IT professional today.
Toronto IT Consulting Services: Are you a small business owner in Toronto Ontario looking to improve your computer network security? We can help. TUCU is an IT Support Company located in Toronto ON, offering IT consulting, IT security assessment and remediation, and comprehensive IT management services. Please contact us to schedule your free consultation to discover how we can help you manage your technology to keep your business running smoothly.