Ticking Time Bomb: Russian Ransomware Attacks Coming for Small Businesses

As Russian military forces escalate attacks in Ukraine, the United States is bracing for another kind of invasion closer to home.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has increased monitoring of ransomware targeting businesses. Jen Easterly, who heads CISA, says the nation should brace for “an uptick in ransomware.”

Ransomware attacks have surged in recent years, increasingly striking smaller targets. “It’s incredibly profitable for hackers, so much so that ransomware attacks have doubled in each of the last two years and account for 22% of all 2021 cyberattacks,” said SecureLink chief technical officer Joel Burleson-Davis.

Small businesses are most vulnerable to the expected wave of ransomware attacks. Cybersecurity professionals are urging them to take immediate steps to defend themselves.

“Most small businesses are the perfect target for ransomware hackers,” said Corey White, CEO of security firm Cyvatar. They have fewer resources and staffing to prepare for, defend against and recover from attacks, sometimes with devastating consequences.

“Unfortunately, small businesses are targeted more often because they are more vulnerable yet have access to the same critical data or systems that cybercriminals are seeking,” said Eman El-Sheikh, associate vice president of the University of West Florida Center for Cybersecurity.

The risk of ransomware attacks has only increased with Russia’s invasion of Ukraine, said Aimei Wei, founder and chief technology officer of Stellar Cyber.

“Immediately after the conflict broke out, suspected Russian-sourced cyberattacks were observed over a 48-hour period at an increase of over 800%,” she said.

“As the Russian economy takes a major hit from global sanctions, this will cause immense pressure on organized cybercrime rings based in Russia,” he said. “These cybercriminals have been leveraging ransomware as their go-to currency.”

In ransomware attacks, hackers lock down computer networks and demand payment to regain access. Some target big companies in pursuit of lucrative paydays, while others use a “spray and pray” approach to ransom as many victims as they can find.

Yet the vast majority of small business owners don’t believe they will fall victim.

“Most are worrying about the day-to-day aspects of running their business. Cyberattacks often escape their attention,” Hallenbeck said. “When they do hear about it, they often hear of large companies paying sizable ransoms. It's tempting to view your business as being too small of a fish.”

As a result, small businesses frequently don’t know which of their systems are exposed on the internet.

They don’t keep software up to date or patch security flaws. They don't know the vulnerabilities of the third-party software for payroll and other systems they rely on. They don’t back up files. And they don’t use multifactor authentication, which provides an extra layer of security by prompting users logging into company systems to enter a code sent as a text message, email or push notification to their phones.

SOURCE: USA Today