Companies with fewer than 50 employees are the ideal targets for ransomware: What is it?


SMEs are still the main attraction for cybercriminals, given that one in three leave their cybersecurity in the hands of personnel who often lack experience dealing with this type of threat.

Above all, companies of this profile are the preferred victims of ransomware, in which their computerised information is held hostage.

In fact, it happens to them again and again: of the SMEs affected by an incident of this kind in the last year, 37% have experienced it two or three times, according to data revealed by Kaspersky Lab in a recent study.

But it doesn’t just affect the little guys. Recently, large companies like Telefónica and Netflix have suffered from ransomware attacks, although only the latter has admitted to it. When they refused to pay the ransom the hackers were demanding, some of their content set for release in the upcoming months was leaked onto P2P download sites.

Instant information hijacks

In this type of cyber attack, the criminal encrypts the information with a virus and demands a ransom to return it.

Although law enforcement authorities were already aware of the practice, it seems that this “instant hijack” is currently becoming more virulent and focusing on company computers.

As well as locking the computer screen and making it impossible to use, the cybercriminals grab the information stored on the device and encrypt it.

Once the device is infected, which is a problem in itself for the business owners, the criminals’ next step is to try to get money by demanding a ransom, often around 5,000 euros.

Usually, the instructions for paying the ransom appear in a text file on the computer, and sometimes on the screen itself. They are usually written in English and tell the victim that, to recover the encrypted information, they must make contact via email and pay the ransom with a pre-paid card to keep the transaction anonymous.

The cybercriminals carrying out these attacks have been identified as specialist criminal networks who buy the viruses from their creators.

According to the law enforcement bodies investigating these cases, each one has a part of the business: some create and sell the tool, and others buy the kit and profit from the victims.

The simplest recommendation to prevent information hijacking is to make backup copies of the company’s most important and sensitive data and store them on a device not connected to the computer, as otherwise it could also be infected.

According to Kaspersky Lab, 27% of ransomware victims take weeks to regain access to their data, which for SMEs means risking loss of business, loss of revenue and damage to their reputation.