cybersec

Ransomware, Backups and the Aging IT Specialist

Small Business Cloud

Right now, two technology trends characterize the small business ecosystem: a growing migration to the cloud, and a growing susceptibility to cybercrime, particularly in the form of ransomware.

Recently, I discovered this duality firsthand. Stranded at the local ski resort, I got a ride down from a fellow snowboarder named Dan. Dan is a salesman for a small business selling signage. According to Dan, his company’s data was hijacked by hackers and held for ransom. The ransomware was embedded in an email opened by one employee. The small business owner has a longstanding relationship with an aging IT specialist, who hadn’t backed up any of the company’s information on the cloud. It was all sitting on hard drives, and suddenly, they weren’t able to access any of it. They paid the ransom to get the data back because, really, what else could they do?

In 2015, about 50% of cyberattacks worldwide hit small businesses. Small businesses can be unsuspecting, and invest less in cybersecurity than large corporations. Hackers can attack more than one small business at a time, and increasingly, they’re doing this with ransomware. For hackers, ransomware is simple and lucrative. There’s no need to ferret out financial data and resell it, or interact with banks. All it takes is one employee to open a file containing malware. Then, thieves can potentially get a payout directly from the business whose livelihood is at stake.

This comes at a time when small businesses are increasingly seeking ways to be more competitive with cutthroat giants like Amazon and Walmart. Out of Quickbooks’ ways to increase small business profits, the top two are:

  • Go paperless
  • Switch to electronic forms and filing

As small businesses heed this advice, hackers lineup to block their access to files. In an interview with NBC, the executive security director of IBM Security Limor Kessem says, “It's like some sort of gold rush. Cybercriminals are using ransomware to bring extortion to the masses and more criminals are now doing it because they're interested in getting a piece of the action.” Ransomware payments reached an estimated $1 billion in 2016, up from $24 million in 2015. At the same time, small businesses were hit with eight times more attacks in 2016 than in 2015. According to a study from IBM, only 30% of small businesses offer cybersecurity training to their employees, which makes them more vulnerable.

When I talked to Dan, the salesman whose company eventually paid a data ransom, he felt that if his company’s data had been backed up to the cloud, they could have avoided paying the ransom. “The cloud is where a lot of businesses our size are going anyhow,” he said. Turns out he’s dead on the money.

Small business, the cloud, and security

About 78% of small businesses will adapt their operations to cloud by the year 2020, up from the nearly 40% that are already there. One primary reason for this is the convenience of SaaS; another is “Hives”, groups of individuals who collaborate virtually from remote locations, some freelance, others part of the core unit. The desire to compete head-to-head with big business is also driving this trend.

But is the cloud safe from ransomware? Depends. Brian Krebs details the story of an acting agency for children that fell prey to a cloud ransomware scheme. The firm had all their applications and data hosted on a private managed cloud solution. Here again, ransomware struck through email. An employee opened an attachment that looked like an invoice, and the company was no longer able to access more than 4,000 files. Fortunately, the cloud provider was also providing backup. The firm was able to get their files back, but it took nearly a week. The attack also affected other clients on the same server.

If cloud files aren’t backed up, they’re vulnerable. Cloud hosting and storage alone won’t do the trick. Eastern Kentucky University identifies attacks on cloud services as one of the looming threats in cybersecurity. EKU identifies seven components of cybersecurity which can be seen in the featured image.

Anti-malware specifically targets infections, such as ransomware. Anti-malware applications run files in an emulator, testing them for threats with a behavioral assessment in the application, and in the cloud. There are security applications for mobile phones, too–highly recommended if employees conduct any sort of business on their phones. Note that cybersecurity training is also critical. If small businesses are going to invest more of their resources in the cloud, security training will be a prerogative. In order for small businesses to compete with big businesses, they will need to compete in the training arena as well.

By Daniel Matthews

Daniel Matthews

Daniel Matthews is a freelance writer from Boise, ID. Daniel received his Bachelor’s in English from Boise State University in 2006, and is currently working on a book about the 2008 financial crisis. Widely-published online, he specializes in research and analysis that sheds light on the intersection of tech, business, and current affairs. Daniel is an avid writer and technology enthusiast whose mission is to bring journalistic integrity and informed opinions to his audience in ways that make them think differently about the world. You can find him on Twitter and LinkedIn.

View Website
Cloud Data Migration

Cloud Data Migration: What An ISV Needs To Know

Cloud Data Migration Cloud Data migration is not new to ISVs. Data conversion from legacy systems during new implementations is ...
5 Basic Safety Tips For Cloud Backups

5 Basic Safety Tips For Cloud Backups

Basic Cloud Backup Tips If you’re worried about the security of your data when it comes to cloud computing adoption, ...
Top Five Challenges Of Cloud Computing

Top Five Challenges Of Cloud Computing

Top Five Challenges Of Cloud Computing Cloud computing challenges have always been there. Companies are increasingly aware of the business ...
malware tracking maps

Live Hacking and Ransomware Tracking Maps Online

Hacking and Ransomware Tracking Maps We've recently covered a few live hacking maps but have decided to extend the list ...
Why Failure To Invest In Online Backup Could Be The Worst Business Decision You Ever Make

Why Failure To Invest In Online Backup Could Be The Worst Business Decision You Ever Make

Failure to Invest In Online Backup Could Be Costly Success in business is a combination of many things – the ...
The Path to the Cloud: A Look at Different Approaches to Cloud Migration

The Path to the Cloud: A Look at Different Approaches to Cloud Migration

Different Approaches to Cloud Migration The public cloud has gained considerable momentum this past decade. Concerns about cost and security ...
Cloud Migration and Cyberwar

Cloud Migration and Cyberwar

Cyberwar Concerns This last week the Washington Post published a bombshell story on the recent attacks on the US election infrastructure ironically ...
Is There Still A Place For On-premise Migration Tools In The Cloud?

Is There Still A Place For On-premise Migration Tools In The Cloud?

On-premise Migration Tools With the popularity of cheap and convenient online migration tools, it’s hard to imagine why there would ...
Countdown To A Successful Cloud Migration

Countdown To A Successful Cloud Migration

Successful Cloud Migration The intrinsic benefits of the cloud such as rapid and affordable access to superior technology, reduced operational ...
Cloud Infographic: Evolution Of The Backup

Cloud Infographic: Evolution Of The Backup

Cloud Infographic: Evolution Of The Backup Even though cloud backup solutions have matured a lot over the past ten years, ...
Backblaze Study: Backing Up The Big Data Backup

Backblaze Study: Backing Up The Big Data Backup

Backblaze Study Backing up data in any business is essential but with the rate of hard drive failure purported to ...
How to protect your data with the 3-2-1 strategy

How to protect your data with the 3-2-1 strategy

How To Protect Your Data Every once in a while we all find ourselves in a situation where our data ...
How to Improve the Backup Success Rate of Data Centers?

How to Improve the Backup Success Rate of Data Centers?

Improve Backup Success Rate According to industry analysts, a significant number of backup jobs (from 5 to 25%) are failing ...
Cloud Email Migration? Beware Of Unintentional Data Spoliation!

Cloud Email Migration? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) ...
The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing ...