Protecting systems and devices has never been more challenging. Attack surfaces continue to expand and cybercriminals use increasingly sophisticated methods to gain entry into organizations.It\u2019s a mistake to think that small and medium-sized businesses (SMBs) aren\u2019t in the crosshairs. While news headlines focus on high-profile ransomware attacks, the damage and destruction that small and medium-sized businesses incur is significant.For example, Webroot found that half of all attacks resulted in ransom demands exceeding $50,000, and the cost of remedying an attack typically runs into the tens of thousands of dollars. In addition, 38% of SMBs that suffered an attack said that it harmed their brand reputation.Making matters worse, the trendline for malware isn\u2019t attractive. Skilled social engineering, increasingly sophisticated malware, and the emergence of ransomware-as-a-service\u2014which allows those with limited skills to download and deploy payloads\u2014have completely changed the stakes. Risky BusinessThere are a few bright spots in today\u2019s environment, such as the industry\u2019s ability to take down one of the peskiest ransomware risks, Emotet, in 2020. However, it\u2019s impossible to breathe a sigh of relief. Consulting firm Accenture found that there was a 27.4% increase in security breaches in 2020.Meanwhile, Webroot has identified several key trends:More than 60% of individuals admit using their personal devices to connect to their company network. The pandemic and today\u2019s work-at-home culture are ratcheting up risks. These devices are nearly twice as likely to be infected.Remarkably, about 10% of business devices still run Windows 7, which greatly increases the risk level. Microsoft stopped supporting the operating system in early 2020, and has introduced numerous protections in Windows 10 that make it more difficult to exploit the operating system.While there\u2019s a perception that Windows systems are primarily at risk, no operating system or platform is immune. Today, malware and ransomware regularly infects Macs, Linux, Android and iOS devices.Malware authors are shifting their methods to what is called LoL bins, or Living off the Land Binaries. These are components that allow an attacker to use the baked-in functionality of the OS to orchestrate an attack. An example of this is Windows PowerShell.The SolarWinds attack demonstrated that cybergangs have also found ways to install malware through legitimate patches coming from trusted sources.Ransomware-as-a-service has created lower barriers of entry for nontechnical players. They simply download a package for a fee and begin phishing and attacking for ransoms.Cybercriminals are evolving their tactics. They increasingly exfiltrate critical and often sensitive data before encrypting it on systems and then demand a ransom. They also disable and encrypt backups. Fighting BackSMBs must adapt to this changing threat landscape. This includes using techniques to thwart LoL binaries, such as switching off PowerShell and other components that aren\u2019t required, and ensuring that cloud instances aren\u2019t spun up with default vendor settings.It\u2019s also wise to deploy a layered defense-in-depth approach that includes malware protection, timely patching, DNS security, encryption at rest and in motion, multiple backup sets, and multi-factor authentication (MFA). A compromised password isn\u2019t a major risk when an organization uses MFA.Yet perhaps the most effective method for blocking malware is education and training. The vast majority of infections are caused by employees clicking bad links or having poor password practices. Individuals must know how to spot phishing attempts and other social engineering methods.A good managed service provider can help build a framework that\u2019s agile and flexible enough for today\u2019s needs. It can address the knowledge and skill gaps that are common, especially at SMBs.Although there\u2019s no silver bullet, organizations that adopt a defense-in-depth framework and have a contingency plan for dealing with an attack are far less likely to find themselves staring down the barrel of an expensive and debilitating ransom demand. It becomes an inconvenience rather than a devastating event.Visit Webroot to learn more.