Read a recent article that the ~ Snipped as per TOS ~ are now targeting small businesses primarily. Appears most will just pay the ransom given it's not exorbitant rather than dealing with the hassle of removing the malware and restoring their files. Also most don't want to take a hit business-wise during the removal/restore process. Appears they never heard of the concept of doing system backups.
That's true, but keep in mind that a lot of businesses have had backups in place - but found that even their backups were encrypted. They've had to learn the hard way to practice defensive computing by having backups offline.
This is a difficult question. The business will have to put everything into scale if they didn't encrypt their work and were compromised by a ransomware. Usually the ransom is around the value of one bitcoin, right? At the moment, that amounts to $237.54 USD (if I'm not wrong). Even small business can have work saved on the computer that would amount to more than that. Not only so, but sometimes business (be them small or big) have important files that relate to long-term customers (such as newspapers or tabloids) and such files cannot be replaced because they only existed on the kidnapped machine. With all this in mind, if the rescue value is lower than what the files are worth, I'd pay the ransom. If not, I'd just start over.
What is needed is a way to help small businesses from becoming victims in the first place by showing them how to set up their computing systems so that unauthorized executable files cannot run. Some References: http://www.enigmasoftware.com/cryptowallransomware-removal/ https://heatsoftware.com/security-blog/10324/how-do-you-protect-your-systems-from-ransomware/ ---- rich
Prevention, prevention, etc. Even some of the basic programs discussed here would block the ransomware. That would be cheaper.
Problem is, most business owners are not aware of any kind of protection. A good percentage of them still use Windows XP with no antivirus Education for prevention is a good thing; too bad most victims will learn the lesson in the worst possible way.
Are these guys small time extortionists who are hitting small business? That is, not big organised crime. It seems to me that if the ransom is one bitcoin it has to be an opportunist. I know some small business people who look at their business as being way too small to be targeted. Their inventory/assets have real value but they have modest earnings. The ones I know have limited computer skills and have this idea that they need to bring in some high priced consultant or super geek to protect their business from attack so they prefer to do no more than the average user does. A daily backup of their data on external media takes minimum effort and expense but it is mind boggling how many do not do this. As they say, you can lead a horse to water, but you can not make it drink.
Unfortunately I don't have a source for this specific number, it is based on my own experience So it's not reputable.... at all