Small businesses paid cybercriminals millions last year to unlock their files. That’s why experts published a new plan with tips on how to protect against and recover from ransomware attacks.
JUANA SUMMERS, HOST:
Small businesses have paid hundreds of millions of dollars to cybercriminals in the last year alone. And now a group of experts has released a plan full of tips on how to prepare for a potential ransomware attack. We’re joined now by NPR’s cybersecurity correspondent Jenna McLaughlin, and she’ll help us break down the findings. Hello, Jenna.
JENNA MCLAUGHLIN, BYLINE: Hey there.
SUMMERS: So can we start with the basics here? What is ransomware? And I also hope you can give us an understanding of the scope of the problem.
MCLAUGHLIN: Sure. So, ransomware refers to a very popular type of cybercrime where hackers break into your system, lock it, and demand payment for the key to unlock it all. It has actually become a vibrant industry. Some groups work on gaining access to systems and sell that access, while others will write malware or malicious code. The Ransomware Task Force—which was formed in 2021, including stakeholders from government, academia, think tanks, and the private sector—actually pooled a lot of data on the problem. According to their surveys, victims paid over $600 million to these cybercriminals in 2021 alone.
SUMMERS: Wow.
MCLAUGHLIN: And, yes, 70% of the attacks targeted organizations with 500 or fewer employees.
SUMMERS: OK. This is really surprising. But what did they then suggest businesses do about it?
MCLAUGHLIN: So it’s not that easy to answer because cybercriminals are always adapting. But the task force partnered with the Center for Internet Security to crack down on it. There is a timeline of actionable things companies must do. First, it is very important that the company has a deep understanding of what your network actually looks like and how it works on a normal day. It sounds simple, but here’s the thing. Experts told me that criminals usually know their victims’ networks much better than they do. This is Valicia Stacchetti(ph) from the Center for Internet Safety.
VALICIA STACCHETTI: There are a lot of attackers out there that I’m sure know the software much, much more comprehensively than maybe some other people, which is not good. And that’s why we need this kind of work to make our defenses more resilient.
SUMMERS: OK – make our defenses more resilient. Yes. But on a practical level, what does this actually mean?
MCLAUGHLIN: So Stacchetti said her top tip is to use multi-factor authentication. It’s a fancy way of saying some method of proving you’re who you say you are – so not just a password, but an authenticator app, a physical, biometric token. You should also keep your software up to date. Keep an eye out for patches that become available. Lock the doors and windows that criminals like to break, basically. And train your employees. Make sure they know the basics. The report’s authors acknowledge that sometimes cybercriminals will get in anyway, even if you’re doing everything right. If they do, companies should know in advance what their plan is and should have backups that are encrypted and not connected to their primary network.
SUMMERS: All right. So I don’t have a business, but none of this sounds cheap. I imagine if one has a small or medium-sized business, they may not have enough resources to handle this. And as you point out, these criminals demand millions of dollars in some cases.
MCLAUGHLIN: Yeah, that’s a big concern. So most of the action items in the report are meant to be fairly simple and affordable. But when it comes to actually paying out rewards, cyber insurance often comes in handy. A new survey from BlackBerry and Corvus Insurance found that many businesses are worried that their policies won’t cover the cost of claims, that their premiums are going up and that they aren’t actually sure what their policies cover. I spoke with one of the authors of the project, who comes from the insurance industry, and he says that insurance companies should focus on proactively requiring companies to have some of these safeguards in place to help protect, but also to limit really expensive payments in the first place.
SUMMERS: NPR’s Jenna McLaughlin. Thank you.
MCLAUGHLIN: Thank you.
(SOUNDBITE OF MARTIN TERRACE’S SONG, “THIS MORNING (FEAT. ARIN RAY AND SMINO)”)
Copyright © 2022 NPR. All rights reserved. Visit our website terms of use and permission pages at www.npr.org for further information.