Founder @ NowSourcing | Contributor at Hackernoon | Advisor: Google Small Biz, SXSW
In the next five years, it’s expected that 75% of all businesses will be faced with some kind of ransomware attack. Since the outbreak of the COVID pandemic, ransomware attacks have risen by more than 400%, and the cost to businesses is skyrocketing as well. In fact, in just 2021, the cost of these attacks will reach over 20 billion dollars, and the cost of recovery is almost 2 million dollars for every single affected business.
With the huge surge in remote work and the use of personal devices and personal or public networks, cybercriminals have found a massive number of new security vulnerabilities that simply weren’t there when employees were under the umbrella of company networks and company security measures.
The premise for these attacks is pretty simple. Someone opens an email, pop-up, ad, or other notification and the malicious software gains access to the device or network. Through either lockout ransomware or crypto ransomware, either the entire device is locked or files, documents, and software are locked. Then comes the demand for ransom payments in exchange for decryption keys. The ransom is paid via cryptocurrencies, such as Bitcoin, and access is reinstated while cyber criminals get away with their demands.
Businesses are having a more difficult time keeping up with the onslaught of attacks since the pandemic. Sixty-two percent of SMBs simply have a shortage of in-house cybersecurity. Sixty percent of them don’t have a cyber security policy at all, and 58% of businesses just don’t have the necessary budget to meet the demands.
While security technology does benefit companies greatly, these attacks are implemented by humans, and it requires human expertise and intuition to prevent their success.
The average person receives 63.5 notifications every single day. Some of these are valid, and some of these are malicious. Although security measures can weed out some of the threats, only a trained cyber security team can truly recognize and sort through what is harmless, what’s malicious, and what could be a false positive. It takes technology and humans to keep businesses safe from technological attacks created by humans.