The Clearsale Blog

Ransomware: What Merchants Need to Know About This Major Threat

Ransomware: What Merchants Need to Know About This Major Threat

Recently, a bold new player has emerged in the world of cybersecurity: ransomware. It’s one of the biggest cyberthreats we’ve seen in years, and it’s critical that you understand what it is – so you can protect your business.

Why is ransomware such a big deal?

Ransomware is an attempt by a cybercriminal to extort payment from a business by infiltrating and commandeering its technology systems. The criminals then threaten to shut down the business’s operations or delete critical files unless a hefty ransom is paid.

Just how big of a threat is ransomware? According to a recent study by Trend Micro, in the first three months of 2016 alone, ransomware led to a breathtaking $209 million in losses for U.S. businesses – a number that is only expected to grow.

Ransomware enters into business systems in several sneaky ways:

  • Delivered via attachments in spammed email: 58%
  • Downloaded from URLs hosting ransomware: 40%
  • Other means: 2%

Once unleashed, these ransomware files hold hostage to everything from database files (52%) to SQL files (19%) and websites (14%).  

Alarmingly, the nature of ransomware continues to evolve. Recent exploits include cyberhackers that threatened to delete a number of files for every hour the ransom wasn’t paid or another incident that upped the ransom payment for every hour past the demanded deadline.

What’s at stake for e-commerce websites?

Unfortunately, ransomware is more than just a financial nuisance for the businesses that fall prey to these attacks. While there’s an obvious direct monetary cost to paying a ransom, there’s also the potentially significant opportunity cost of lost sales and damaged reputation that can result from a hijacked website.

Forced into a difficult Sophie’s Choice, many victims will simply bite the bullet and pay their ransomware extorters – mentally writing it off as a cost of doing business in today’s tech age.

While experts generally advise against this course of action, some business owners find the threat of losing critical files or a prolonged website shutdown to be serious enough that simply paying the demand is the most efficient way to dispose of the problem.

But when ransoms can run exorbitantly between $10,000 to $50,000 or more per incident (usually payable only in some untraceable form of cryptocurrency, such as Bitcoin), merchants owe it to themselves to prevent an attack from happening in the first place.

What can merchants do to protect themselves?

If all of this sounds scary, good. You should be scared! Fortunately, there are a number of steps you can take to reduce your risk of falling victim to a ransomware attack.

Educate your staff

Start by having regular and ongoing conversations with all employees. Make sure they understand what ransomware is, how to recognize potential ransomware threats, and what to do if they run across anything suspicious. 

Update software and apply security patches regularly

This may seem obvious, but a surprising number of companies take a lax approach to routine maintenance. Because ransomware viruses can penetrate a system through an unpatched server or software, keeping your systems up to date is absolutely critical.

Upgrade your network defenses

Current best practices that your IT team should have in place include monitoring network ports with reputation-based analysis and blocking, script emulation and zero-day exploit detection. Meanwhile, behavior monitoring helps defend endpoint machines by detecting rapid encryption of multiple files in a system, stopping encryption and blocking ransomware from spreading more damage, while application controls help allow only the execution of safe apps identified in a white list.

The battle against ransomware represents a major threat to all businesses. And yet, simply staying aware and vigilant is your first and best line of defense. 

Download Credit Card Fraud eBook

You may also like

[Industry Focus] Fraud Risk Profile for Nutraceutical and Drug Retailers

[Industry Focus] Fraud Risk Profile for Nutraceutical and Drug Retailers

As people become more conscious of what they’re putting into their bodies, there’s been an increased demand for high-quality supplements and healthful food and beverages. The result has been a..

3 Ways Tech Can Benefit Remote Teams

3 Ways Tech Can Benefit Remote Teams

Ecommerce businesses are used to an ever-evolving digital connection between them and their customers. But 2020’s COVID-19 pandemic has resulted in that digital connection making its way into the..

Shopping Habits by Gender: What’s Changed in 2020

Shopping Habits by Gender: What’s Changed in 2020

Do men hate shopping online? Are women more worried about fraud?

How Management Should Contribute to Fraud Protection

How Management Should Contribute to Fraud Protection

As companies grow, management often delegates business-critical tasks—marketing, technology, fraud prevention—to different departments. While it might seem to be an efficient way to get things..

“I Don’t Need Fraud Protection — My Business Isn’t at Risk!”

“I Don’t Need Fraud Protection — My Business Isn’t at Risk!”

As an e-commerce merchant, you know the risk of fraud, false declines and chargebacks. But maybe you think it won’t happen to you because you’re a relatively new — or small — e-commerce merchant,..

How Backtesting Can Improve Fraud Prevention

How Backtesting Can Improve Fraud Prevention

They say hindsight is 20/20, and that’s especially true for e-commerce merchants looking to increase their approval rates and decrease fraudulent transactions. It’s easy to look back at..

Is Fraud Risk Scaring You Away From International Shipping?

Is Fraud Risk Scaring You Away From International Shipping?

With cross-border shopping estimated to make up 20% of e-commerce in 2022, many merchants are right to consider expanding into other countries. So what’s stopping them from pulling the trigger?

Preparing Your E-Commerce Store for the Holiday Season

Preparing Your E-Commerce Store for the Holiday Season

It might still be summer on the calendar, but the holiday shopping season is just around the corner.  Are you ready?

Impact Analysis: Declined Transactions vs. Fraudulent Transactions

Impact Analysis: Declined Transactions vs. Fraudulent Transactions

Selling products and services online offers great opportunities for merchants, but it’s not without risk. Savvy cybercriminals use stolen personal data to defraud merchants, and sometimes, a..

Want to write
for our blog?

Please review our writers' guidelines
https://www2.clear.sale/press/clearsale-guest-blog-guidelines
and then email guestwriter@clear.sale with your pitch!

Subscribe to our blog