Get All Access for $5/mo

Business Cyber Attacks Top 4,000 Per Day: Your Guide to Ransomware Counsel your employees: Next time they encounter email claims that "payment is overdue" or your company is "in litigation," don't open any links!

By Jorge Rey

Opinions expressed by Entrepreneur contributors are their own.


Earlier this month, I received a call: Yet another company had become a victim of ransomware. The type of malware involved was one hackers commonly use to encrypt data on employees' or companies' computers. They then demand ransom, usually in Bitcoin, to unlock the information or the computers.

Related: 5 Growing Cyber-Security Epicenters Around the World

Such occurrences are growing in number: The FBI has reported that since January 1, 2016, more than 4,000 ransomware attacks have occurred on a daily basis (on average). That's a 300 percent increase from 2015, when 1,000 attacks occurred daily.

Picture yourself receiving one of these alerts from an employee. He or she reports a notification that the company's data has been encrypted and is being held for ransom. How will you feel? How will you cope with the fact that whatever sales meeting or product roll-out that was planned has to wait until the data issue is resolved?

Next, how long will these business activities be delayed? That depends on how good your backups are and how fast you can recover your systems. And, unfortunately, backups might not be the only thing you have to worry about. Recently, cybersecurity researchers at Kaspersky Lab discovered a new form of ransomware that encrypts your data, steals passwords from your email system and sends the passwords to a remote hacker.

Given this development, how safe do you think your company's data really is?

A recent report shows that up to 93 percent of phishing emails are now ransomware. Hackers often target employees by sending an email claiming that payment is overdue or your company is in litigation. If one of your employees clicks a link or downloads an attachment from the hacker, the ransomware is installed while the employee is being distracted with a random document until the ransom note is displayed.

Related: Expert Hacker Shares 3 Ways Small Businesses Can Minimize Cybersecurity Threats

Once you've been infected with ransomware, your computer will likely display messages like these:

  • "Your computer was used to visit illegal content. To unlock your computer, you must pay a $100 fine."

  • "You only have 96 hours to submit the payment. If you do not send money within the provided time, all of your files will be permanently encrypted and no one will be able to recover them."

Hackers get paid because they take advantage of companies with poor backup procedures and employees' carelessness when clicking on bad links or downloading email attachments from people they don't know. What can you do to protect your company? Unfortunately, if you are connected to the internet, 100 percent prevention of ransomware attack is not likely. However, there are ways to minimize the risk, and you can mitigate the impact if an attack occurs. The following are a few important areas to consider.


If you're not training your employees on phishing and spear-phishing, your company may be at great risk. These types of social engineering attacks try to exploit your employees to gain access to your IT system. Verizon's 2016 Data Breach Investigations Report recommended providing employees with phishing awareness training and providing a means for them to report incidents. A qualified consultant can conduct phishing testing at your company to increase your employees' awareness of these kinds of threats and reduce the likelihood that they will to fall victim to social engineering attacks.


Configure strong spam filters to prevent phishing emails from being delivered to your employees, prevent email spoofing and scan all incoming and outgoing emails to prevent executable files from reaching business users. The Verizon report recommended using and updating anti-virus software to help secure the endpoint. You should also segregate network and file access based on individuals' need to know or on organization units. For example, your accounting team should not have the same access as the human resources team.

Data backup

Don't overlook the importance of backing up your data on a regular basis. This simple step can reduce the risk of losing everything if a hacker takes your system hostage or if your system fails. Confirm that company-confidential and sensitive files are backed up in a remote and un-connected storage facility (i.e, offline backups). Having good backups may reduce the need to pay the ransom.

Incident response plan

In the event of a data security incident at your company, an incident response plan can help you manage the situation. In fact, the 2016 Cost of Data Breach Study: Global Analysis by the Ponemon Institute and IBM identified an incident response plan as one of the key components of a data governance program that can help to reduce the cost of a data breach. You should involve teams from across the organization (e.g., IT, compliance and management) in creating a plan as early as possible; don't wait until you need to start thinking about it.

In the case of a ransomware attack, your response plan should include:

  • Identifying your last-known clean backup and restoring it
  • Communication protocols with law enforcement
  • Isolation procedures for the infected computer
  • Isolation procedures for devices that have not been infected, such as those for stopping the backup synchronization schedule

Related: How Cybercrime Has Changed (Infographic)

If your company hasn't been victimized by ransomware yet, don't wait to take action. Minimizing your risk and preparing to manage these attacks may be the key to your company's continued operation.

Jorge Rey

Director of Information Security and Compliance, Kaufman Rossin.

Jorge Rey is the director of information security and compliance at Kaufman Rossin. Recognized by the South Florida Business Journal as a top professional under the age of 40, he is responsible for managing and performing a variety of IT advisory engagements for companies in the financial services, healthcare, retail and technology industries. Rey, who helps organizations address information security, compliance and IT needs, is a certified information systems auditor (CISA) and certified information security manager (CISM), and is certified in the governance of rnterprise IT (CGEIT). 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Starting a Business

I Left the Corporate World to Start a Chicken Coop Business — Here Are 3 Valuable Lessons I Learned Along the Way

Board meetings were traded for barnyards as a thriving new venture hatched.

Business News

'Passing By Wide Margins': Elon Musk Celebrates His 'Guaranteed Win' of the Highest Pay Package in U.S. Corporate History

Musk's Tesla pay package is almost 140 times higher than the annual pay of other high-performing CEOs.

Business News

Joey Chestnut Is Going From Nathan's to Netflix for a Competition 15 Years in the Making

Chestnut was banned from this year's Nathan's Hot Dog Eating Contest due to a "rival" contract. Now, he'll compete in a Netflix special instead.


Are Your Business's Local Listings Accurate and Up-to-Date? Here Are the Consequences You Could Face If Not.

Why accurate local listings are crucial for business success — and how to avoid the pitfalls of outdated information.

Money & Finance

Day Traders Often Ignore This One Topic At Their Peril

Boring things — like taxes — can sometimes be highly profitable.

Growing a Business

He Immigrated to the U.S. and Got a Job at McDonald's — Then His Aversion to Being 'Too Comfortable' Led to a Fast-Growing Company That's Hard to Miss

Voyo Popovic launched his moving and storage company in 2018 — and he's been innovating in the industry ever since.