What can be the most crippling event to happen to your business or organization? Some will say a global pandemic; some will say a poor market. But possibly the most malicious and unfair way for a business to fail is due to theft. Not just any theft however, but of the cyber variety. Most businesses have insurance in place to cover the potential loss of physical theft, but cyber theft insurance is often forgotten about because it is still in it’s relative infancy. Even still, cyber theft can lead to loss of revenue, dissatisfaction with clients, and ultimately, loss of business. Your data can be stolen in so many ways, from phishing emails, social engineering, and more. Today, more and more companies are falling victim to cyber theft in the form of ransomware, in which malicious code encrypts computer files, and cyber attackers demand a ransom to unlock them.
Let’s talk about a cyber criminal’s weapon of choice – what is ransomware?
By definition, ransomware is a specific type of malicious software that gains control of your system and blocks access or threatens to do harm to it. Upon infection, a “ransom note” in the form of a text file or image pops up, offering to restore your system back to normal in exchange for compensation. The most infamous ransomware attack was the WannaCry attack that happened in 2017, where the attack spanned over 150 countries and over 200,000 organizations were impacted.
How did this attack happen? The cybercriminals attacked businesses that were running on older windows operating systems that were no longer being updated and supported by Microsoft. Just last year, Microsoft announced the end of life for Microsoft Office 2010 & Office 2013 on 365. It’s entirely possible that another global ransomware attack is coming for the businesses still using these older systems.
Okay, so what? In the WannaCry attack, they were only asking for $300 dollars. What’s the harm in paying? We always say to never pay the ransom! Why? There is absolutely no guarantee that you’ll get your files back. You simply cannot trust a criminal to adhere to they’re promises. Secondly, you’ll be putting a target on your back. If you pay the ransom once, you’ll be flagged as a user who pays the ransom and the criminals will be back to take advantage of you again. Also, even though the ransom might only be something cheap like $300 dollars, there are much more costs.
Why would a cyber criminal attack me? Why do they care about my SMB?
The fact is, small-to-medium businesses are the most vulnerable. Typically, SMBs just do not have the budget to strengthen they’re cyber security procedures, or simply they are too concerned with other important matters. It is very common for SMBs and many organizations to leave their backdoor open without realizing it, or they are ignorant to it with the thinking that nothing with happen to them.
How can I protect my business from ransomware?
The best way to defend against ransomware is taking the time to protect yourself from it in the first place. Listed below are some of the best techniques to protect your organization from a ransomware attack:
-
Backup your data regularly.
Modern total data protection solutions, like a business continuity & disaster recovery solution, take snapshot-based, incremental backups as frequently as every five minutes to create a series of recovery points. If your business suffers a ransomware attack, this technology allows you to roll-back your data to a point-in-time before the corruption occurred. When it comes to ransomware, the benefit of this is two-fold. First, you don’t need to pay the ransom to get your ransom to get your data back. Second, since you are restoring to a point-in-time before the ransomware infected your systems, you can be certain everything is clean, and the malware cannot be triggered again.
-
Use a Multi-layered Defense Strategy.
Ensure that your business is protected by both a powerful anti-malware software and a firewall. This gives you two layers of defense – on both the network and your equipment.
-
Filter e-mails.
One of the most popular ways to send ransomware is by attaching .exe files or .zip files to otherwise normal looking e-mails impersonating friends, other employees, or even clients. Using software to filter and block these e-mails before they hit the user’s mailbox is a wonderful way to safeguard users from falling victim to ransomware.
-
Educate your users.
Users are your last line of defense in the battle against ransomware. Ransomware wouldn’t be successful were it not for unsuspecting users downloading and executing a piece of malware (e.g. opening an e-mail attachment, clicking on a malicious link, etc.). Educating users with our Cyber Security Awareness Training will reduce the chance of them falling victim to an attack. Some things to emphasize would be:
- Do not open e-mail attachments or click on links from senders you do not know
- Check for misspelled domains in e-mails
- Report any suspicious files or e-mails to the IT Department or Information Security team
What can I do when Disaster Strikes?
Even if you take the proper precautions, a single mistake can allow ransomware to enter your system. At that point, you should immediately remove any affected systems from your network. If you can restore to a recent backup, you’ll be able to regain access quickly.
Feel free to ContactUs for more information.