Why Small and Medium-Sized Professional Service Firms Are a Big Target for Ransomware Attacks

If you focus only on the headlines, even in the specialist tech press, you’d be forgiven for thinking that ransomware attacks were mainly a problem for larger businesses and institutions. Those incidents which make the news tend to feature attention-grabbing numbers. These can be either in the size of ransoms demanded or the costs of restoration and recovery. Another type of attack that will always get in the news, would be related to vital services – the hospitals, schools, police departments, or other government services – whose disruption is likely to cause widespread concern. When a major bank, tech firm, logistics or telecoms provider, or well-known institution is knocked offline for days at a time, it tends to make the news.

At the other end of the scale are the individuals, and perhaps micro-businesses, hit by entirely automated malware infections. In these cases, mostly ultimately traceable to a spam email, or malicious advertisement in a video game, someone’s personal PC or laptop has been locked up and cherished photos, a draft of a novel or list of local customers is leveraged to extort a few hundred dollars in Bitcoin. 

For much of the history of the ransomware threat, these have been the bulk of the victims, and the topic of most of the scare stories, at least until the rise of cloud services and automated duplication of data across devices gave us all an easy way to back up our data. But in between these two, there is another group which gets far less attention than it should – small to medium-sized businesses, many of them providing professional services such as legal or financial advice. Small businesses are the largest employer in the US, and make up the foundation of the US economy.  The impact prevalence of ransomware on this industry segment stands out from other industries.

Ransomware Stats for Small and Medium-Sized Businesses

Coveware’s latest set of statistics from Q3 of 2020 show that more than 70% of ransomware incidents were companies with fewer than 1,000 employees, and 60% had revenues of less than $50 million. Looking at the breakdown by industry sector, more than a quarter of companies are in the professional services category, by…


‘Ransomware attacks on pharma sector to increase’ – News Today

Chennai: Quick Heal Technologies Limited, has released its threat predictions that will share the future of cybersecurity in 2021 and beyond.

In a statement, it said, “Previously, advanced ransomware attacks like WannaCry, Petya, Ryuk, Grandcrab etc. used to only encrypt disks or files and demand a ransom payment in return for a decryption key. Now a new ransomware trend is observed which not only encrypts user files but also exfiltrates private and sensitive information. On denial of ransom, adversaries threaten to release hijacked information in public.”

Numerous hospitals, Covid-19 research firms, and pharma companies have fallen victim to ransomware in the last quarter of ‘20, making it necessary for them to adopt or deploy a comprehensive set of security solutions.

Cobalt Strike is a threat emulation toolkit that is often being used for post-exploitation, covert communication, and browser pivoting, among other malicious purposes.

With the Covid-19 pandemic, almost all organisations have rolled out a remote working model, businesses have introduced tools to facilitate employees to connect to office networks from home and collaborate.

This new infrastructure must be managed and configured with great precision.

The booming cryptocurrency values will invite even more threat actors towards developing stealthier crypto-miners and generate higher revenues in 2021.

Himanshu Dubey, director, Quick Heal Security Labs, said, “The pandemic acted as a huge opportunity for cyber criminals to innovate their attack strategies further, and steal sensitive data for their personal gain. These advancements are likely to continue in the coming year as well. For instance, new tactics like double extortion, crypto-mining, ethical hacking, etc. are expected to be widely adopted by threat actors in 2021”.