The risks of ransomware for small business owners

When we picture digital attacks on businesses, we imagine massive corporations as the victims— those with large financial resources.

But small businesses are frequently targeted with ransomware, and owners should understand the potential risks.

What does ransomware do?

Ransomware is a form of malicious software—often called malware—that tends to come in one of two forms: locker and crypto. With locker, the hard drive of the computer becomes encrypted, whereas specific files become encrypted with crypto. In both cases, owner access is disabled. The files that are compromised are usually those that the ransomware identifies as important.

What is the purpose of ransomware?

As the name implies, the software’s purpose is to get a ransom out of the owner of the computer or files. Once the owner pays a fee, the hard drive or files become unlocked. If the owner does not pay, ransomware can delete the hard drive or files permanently. Fees are often paid through cryptocurrency to render the money trail untraceable. It’s estimated that criminals can earn up to a million dollars a day in ransom.

How much risk is there for small businesses?

It’s easier for criminals to go after smaller companies for a lesser profit, than to select a big target for a single, large payout. As a result, about 50 percent of all ransomware attacks are on small businesses.

How to guard against ransomware attacks

There are a few basic steps you can take to guard against ransomware. First, make certain you have ransomware detection and defenses on devices used to store business-related files. Second, regularly backup vital files to external drives. Third, train your employees on how to avoid ransomware attacks and what to do if one occurs.

What can you expect if you do not guard against ransomware?

Ransomware attacks are not generally targeted; they are run by bots and get to your system through free software downloads or predatory emails. As a result, you can expect to either pay a fee or lose data. The fee varies depending on what the criminal thinks you are worth. There is often a deadline for paying, which can be difficult for small businesses, especially if they’re not already involved with cryptocurrency.