It's easy to assume ransomware is a problem for big corporations. The reality, week in and week out, is that ordinary mid-size businesses across every sector are the ones being hit. Two recent examples make the point.
What happened
According to HookPhish's leak-site monitoring, the Qilin ransomware group named PJ Daly Contracting, a construction firm in Ireland, as a victim; and the INC Ransom group named Newspaper Media Group, a media business in the US. These are typical of the steady stream of claims that appear on ransomware "leak sites," where gangs pressure victims by threatening to publish stolen data.
Why it matters to you
Construction firms, local media, professional services, manufacturers — none are too small or too ordinary to target. Ransomware crews run automated, indiscriminate campaigns and follow the path of least resistance. If your defences are weaker than the next business along, you're the easier target. The damage isn't just the ransom: it's downtime, lost data, recovery costs, and the reputational hit of customers' information being exposed.
The fundamentals that stop most of this
- Back up properly — keep offline or immutable backups, and actually test that you can restore from them.
- Multi-factor authentication on email, remote access and key systems.
- Patch promptly, especially anything exposed to the internet.
- Train your people — most attacks still start with a click.
- Have a plan for operating without IT for a while, and rehearse it.
None of this is glamorous, but it's what keeps you off the leak sites.
Worried about how any of this applies to your organisation? Get in touch and we'll talk it through — no jargon, no pressure.
Sources: Qilin hits PJ Daly Contracting · INC Ransom hits Newspaper Media Group — HookPhish