Small Financial Organizations at Risk of Ransomware, Too
Ransomware incidents continue to gain headlines. We recently wrote about the cyberattack directed at Kaseya, a remote monitoring and management software company, and their customers. It was one of the largest ransomware attacks in history. Since then, that story has turned into an epic saga, creating ongoing PR and financial woes.
It may seem like we hear primarily about large-scale attacks like the one Kaseya is still working through. But small and medium sized businesses that were customers of Kaseya — an estimated 800 to 1500 SMBs — were also directly affected.
The threat to small financial institutions with less than $35 million in revenue has been rising for years. A ransomware request with a high price tag, affecting a small but foundational customer base, can be a company-shattering financial hit.
“Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid.” – CISA.gov
Ransomware trends
Cyber attackers continue to push boundaries and grow more sophisticated, as evidenced in the Kaseya attack. Rather than exploiting basic security vulnerabilities for financial gain, the attackers’ method was likely well-funded and meant to extract intellectual property and trade secrets from a service provider with customers around the globe.
Additionally, the pandemic’s effect of decentralizing workplaces further opened the opportunity for attackers to test cybersecurity limits for personal devices, networks and applications.
Financial services and insurance are some of the most heavily targeted organizations. In fact, cyberattacks are 300 times as likely in financial services than in other industries. A few notable trends include:
- The average ransom fee requested has increased from $5,000 in 2018 to around $200,000 in 2020 (an increase of 390%)
- In 2021, the largest ransomware payout was made by an insurance company at $40 million, setting a world record
- The average cost of downtime is 24 times higher than the average ransom amount
- Two out of five SMBs have fallen victim to a ransomware attack
As these trends continue, it’s more important than ever for financial firms to protect their information, their employee and customer data, and ultimately, their business.
WFH and mobile
Ongoing remote and hybrid workplace policies have unleashed the need for mobile devices on disparate networks. Some organizations have defined bring-your-own-device (BYOD) policies, where employees are enabled to access company assets and applications using their personal devices.
This poses a threat to a firm’s cybersecurity because there is no centralized control over the security posture of an endpoint device such as a personal laptop, tablet or phone. A BYOD user may have applications or malware on their devices that can give bad actors an access point to company data.
Most employee-owned devices are not appropriately protected. And cybersecurity issues are only becoming more challenging as people lean on video conferencing platforms to meet with clients and collaborate with colleagues — a shift that has also affected the ability for firms to manage communications compliance. Adding cyberattacks to the mix can put financial firms in a vulnerable spot.
What SMBs can do
To stay vigilant against ransomware and other cyberattacks requires the ability to monitor, remediate and enforce cybersecurity compliance on any user or device, at any time. With Entreda’s cybersecurity risk mitigation platform, SMBs can automate cybersecurity controls across devices, users, networks and applications allowing customers to:
- Achieve top-tier cybersecurity protection
- Reduce compliance and audit preparation time
- Gain peace of mind to focus on the business
Ransomware attacks have become part of our reality. Making headlines for failure to prevent cyberattacks doesn’t have to be.
Share this post!
Smarsh Blog
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.
Ready to enable compliant productivity?
Join the 6,500+ customers using Smarsh to drive their business forward.
Subscribe to the Smarsh Blog Digest
Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.
Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.
FOLLOW US