cybersec

Ransomware, Backups and the Aging IT Specialist

Small Business Cloud

Right now, two technology trends characterize the small business ecosystem: a growing migration to the cloud, and a growing susceptibility to cybercrime, particularly in the form of ransomware.

Recently, I discovered this duality firsthand. Stranded at the local ski resort, I got a ride down from a fellow snowboarder named Dan. Dan is a salesman for a small business selling signage. According to Dan, his company’s data was hijacked by hackers and held for ransom. The ransomware was embedded in an email opened by one employee. The small business owner has a longstanding relationship with an aging IT specialist, who hadn’t backed up any of the company’s information on the cloud. It was all sitting on hard drives, and suddenly, they weren’t able to access any of it. They paid the ransom to get the data back because, really, what else could they do?

In 2015, about 50% of cyberattacks worldwide hit small businesses. Small businesses can be unsuspecting, and invest less in cybersecurity than large corporations. Hackers can attack more than one small business at a time, and increasingly, they’re doing this with ransomware. For hackers, ransomware is simple and lucrative. There’s no need to ferret out financial data and resell it, or interact with banks. All it takes is one employee to open a file containing malware. Then, thieves can potentially get a payout directly from the business whose livelihood is at stake.

This comes at a time when small businesses are increasingly seeking ways to be more competitive with cutthroat giants like Amazon and Walmart. Out of Quickbooks’ ways to increase small business profits, the top two are:

  • Go paperless
  • Switch to electronic forms and filing

As small businesses heed this advice, hackers lineup to block their access to files. In an interview with NBC, the executive security director of IBM Security Limor Kessem says, “It's like some sort of gold rush. Cybercriminals are using ransomware to bring extortion to the masses and more criminals are now doing it because they're interested in getting a piece of the action.” Ransomware payments reached an estimated $1 billion in 2016, up from $24 million in 2015. At the same time, small businesses were hit with eight times more attacks in 2016 than in 2015. According to a study from IBM, only 30% of small businesses offer cybersecurity training to their employees, which makes them more vulnerable.

When I talked to Dan, the salesman whose company eventually paid a data ransom, he felt that if his company’s data had been backed up to the cloud, they could have avoided paying the ransom. “The cloud is where a lot of businesses our size are going anyhow,” he said. Turns out he’s dead on the money.

Small business, the cloud, and security

About 78% of small businesses will adapt their operations to cloud by the year 2020, up from the nearly 40% that are already there. One primary reason for this is the convenience of SaaS; another is “Hives”, groups of individuals who collaborate virtually from remote locations, some freelance, others part of the core unit. The desire to compete head-to-head with big business is also driving this trend.

But is the cloud safe from ransomware? Depends. Brian Krebs details the story of an acting agency for children that fell prey to a cloud ransomware scheme. The firm had all their applications and data hosted on a private managed cloud solution. Here again, ransomware struck through email. An employee opened an attachment that looked like an invoice, and the company was no longer able to access more than 4,000 files. Fortunately, the cloud provider was also providing backup. The firm was able to get their files back, but it took nearly a week. The attack also affected other clients on the same server.

If cloud files aren’t backed up, they’re vulnerable. Cloud hosting and storage alone won’t do the trick. Eastern Kentucky University identifies attacks on cloud services as one of the looming threats in cybersecurity. EKU identifies seven components of cybersecurity which can be seen in the featured image.

Anti-malware specifically targets infections, such as ransomware. Anti-malware applications run files in an emulator, testing them for threats with a behavioral assessment in the application, and in the cloud. There are security applications for mobile phones, too–highly recommended if employees conduct any sort of business on their phones. Note that cybersecurity training is also critical. If small businesses are going to invest more of their resources in the cloud, security training will be a prerogative. In order for small businesses to compete with big businesses, they will need to compete in the training arena as well.

By Daniel Matthews

Daniel Matthews

Daniel Matthews is a freelance writer from Boise, ID. Daniel received his Bachelor's in English from Boise State University in 2006, and is currently working on a book about the 2008 financial crisis. Widely-published online, he specializes in research and analysis that sheds light on the intersection of tech, business, and current affairs. Daniel is an avid writer and technology enthusiast whose mission is to bring journalistic integrity and informed opinions to his audience in ways that make them think differently about the world. You can find him on Twitter and LinkedIn.

View Website
Cloud Advances One Funeral at a Time

Cloud Advances One Funeral at a Time

The Advancing Cloud Forecasts scream huge growth rates for cloud but in the big picture it is tiny. Max Planck noted: “Science advances one funeral at a time.” Is cloud the same? The demand for ...
The Shift from Monolithic to Microservices: What It Means for CTOs.

The Shift from Monolithic to Microservices: What It Means for CTOs.

The Shift to Microservices The shift in application development strategies is moving from monolithic design to isolated and resilient components known as microservices. As a result, applications that were designed with platform entanglements such as ...
CloudTweaks Q&A: How Smart Will Your City Be by 2025?

CloudTweaks Q&A: How Smart Will Your City Be by 2025?

How Smart Will Your City Be by 2025? What role does back end infrastructure play in connecting IoT devices? Probably the same infrastructure as we would want to see with an efficient regular (i.e. non-IoT) ...
Turn to the Cloud as Part of Your Data Breach Strategy

Turn to the Cloud as Part of Your Data Breach Strategy

Data Breach Strategy The latest Verizon Data Breach Investigations Report is out, and the verdict is in: data breaches are on the rise. While the news shouldn’t surprise anyone, there are some actionable insights to ...
How to Improve the Backup Success Rate of Data Centers?

How to Improve the Backup Success Rate of Data Centers?

Improve Backup Success Rate According to industry analysts, a significant number of backup jobs (from 5 to 25%) are failing across various tiers of data centers. This impacts datacenters heavily on revenue loss, SLA-based penalties, ...
The Lighter Side Of The Cloud - Autonomous Sleigh
The Lighter Side Of The Cloud - Playing It Safe
The Lighter Side Of The Cloud - Due Diligence
The Lighter Side Of The Cloud - Turmoil
The Lighter Side Of The Cloud - The Backup Reminder
The Lighter Side Of The Cloud - Recovery Experts
The Lighter Side Of The Cloud - DNA Storage
The Lighter Side Of The Cloud - Going Viral
The Lighter Side Of The Cloud - Big Broadband

CLOUDBUZZ NEWS

New Technology Partnership: SAP and the Mercedes EQ Formula E Team Power Up for the Future

New Technology Partnership: SAP and the Mercedes EQ Formula E Team Power Up for the Future

SAP and the Mercedes EQ Formula E Team Power Up WALLDORF — SAP SE (NYSE: SAP) today announced a new multiyear agreement with Mercedes-Benz to become the official business performance partner of the automaker’s Mercedes EQ Formula E ...
Artificial Intelligence to Add US$182 Billion to UAE Economy by 2035, Accenture Research Shows

Artificial Intelligence to Add US$182 Billion to UAE Economy by 2035, Accenture Research Shows

Financial services, healthcare, and transport and storage industries likely to see the biggest gains DUBAI, United Arab Emirates; May 21, 2018 – Artificial intelligence (AI) has the potential to boost economic growth in the United ...
EU antitrust official sees more scrutiny for Facebook, others

EU antitrust official sees more scrutiny for Facebook, others

ROME (Reuters) - Facebook and other tech giants may attract more regulatory scrutiny in future because of their market power, a senior EU antitrust official said on Tuesday. Tommaso Valletti, chief economist at the European ...