Leveraging both system and human vulnerabilities, ransomware attackers are gaining access to machines and maliciously encrypting data and demanding a ransom paid to the creator of the malware in order for this data to be restored. Due to the fact that ransom must be paid in anonymous Bitcoin currency, this particular cybercrime is almost impossible to remedy once committed and has quickly become the method of choice for cyber smash-and-grab thieves.
Consider a system that houses critical financial data, customer information, development code, or even simply important business documents and presentations. The inability to access those files, while initially a nuisance, could quickly escalate into a business catastrophe.
While this may sound like a perfect attack method to enable large-scale financial pilfering and corporate espionage, this malware does not discriminate — the perpetrators are going forward with a dragnet type of approach, targeting any unsuspecting victim, regardless of company, role, or affiliation. In the corporate setting, this means all users are targets. But as large enterprises continue to invest in complex, multi-layered security in response to the daily onslaught of attacks like ransomware, the small and medium enterprise (SME) segment continues to be the weak and easy prey, the "soft targets" that attackers enjoy the most.
Don't miss: IT Security in the Snowden Era (TechRepublic/ZDNet Special Feature)
How did we get here?
Many SMEs operate under a sense of denial when it comes to security — they consider themselves too small a target for would-be cyber attacks. When compounded with the fact that they often don't have a dedicated IT/security department, this creates a situation where assets and data are unduly put at risk.
According to the Ponemon Institute (PDF), "The chances of an organization being hacked in a 12-month period is a statistical certainty and businesses of every type and sizes are vulnerable to attacks." It seems logical that your odds of being hacked increase as the breadth of your security decreases, which is often the situation SME's find themselves in.
An attack on one SME might not deliver the same gains as a Fortune 500 financial services company, but given the greater ease through which hackers can attack SMEs, the volume-based approach employed by the cyber thieves highlights the risk to the lesser-protected.
When "everywhere" is your office
Given the continued blurring of the network perimeter with mobile devices traveling in and out of the corporate setting, what little protection that is provided often disappears the moment the device — most often a company-owned laptop or tablet — leaves the building.
Mobile employees often connect to the Internet from a café, hotel, or airport Wi-Fi. Surfing the web or opening an email containing a malicious attachment, their machine can be inadvertently infected with ransomware (or any malware for that matter). Unaware of the infection, they bring the laptop back into the office, at which point the ransomware spiders out across all connected network drives and infects the entire network, putting the business at risk of catastrophic impact.
As you can see from this all-too-real example, it really doesn't matter how much security technology the company has protecting its network: In today's world the endpoint device has become the weakest link in the perimeter — requiring a different approach to security.
What can SMEs do? Look to the cloud.
Traditional network-based security solutions such as firewalls, UTMs, and gateway filters are simply no longer sufficient protection in today's increasingly "perimeter-less" world. Today's business environment demands real-time protection that can keep users continuously protected, regardless of their location. This doesn't necessarily always mean costly, complex security.
Thankfully for SMEs, there are innovative security solutions available that can be deployed via the cloud. As it has done for other IT functions, the cloud has created security advantages for organizations, especially for SMEs. These advantages include:
- Persistent coverage for the protected user — at home, at an airport, at Starbucks — ensuring that malware such as ransomware doesn't make its way on to systems, putting critical company data at risk.
- Updates without impact to end users or machine availability.
- A reduced capital and operational expenses, which is increasingly important to SMEs and state and local governments.