Written by: Daniel Silva, Director of Security & Chief Information Security Officer
One of the keys to running a business is making sure you can keep your business up and running. For nearly every business out there today, a connected computer network is key to running that business. Even if yours is a small business with a single internet-connected computer, downtime is simply never an option.
The bad actors who execute cyberattacks know this, and this is why ransomware attacks are on the rise. Ransomware is a type of malware that uses encryption to hold a victim's information for ransom. Data is encrypted so that victims cannot access their files, databases, or applications, and a ransom is then demanded in exchange for restoring access.
The FBI estimates that thousands and thousands of computers a day are affected by ransomware attacks. Ransomware attacks on large companies make the headlines, but thousands of ransomware attacks on small businesses go unreported every day.
This means that if you are not vigilant and prepared, it could happen to your business.
If ransomware infects your computer network, all of your systems, records, controls and processes are vulnerable. With your digital assets and processes held hostage, operations will be seriously hampered, or halted entirely.
That is why it is so important to do everything you can to prevent an attack. For most businesses, a three-pronged approach provides a solid defense.
3 Ways To Defend Your Business Against A Ransomware Attack
1. First, it's very important to educate yourself and your employees about how malware could get into your network. Ransomware is delivered through links and attachments in increasingly varied ways: fake emails, sham websites spoofed to look official, poorly secured remote access services, or pop-up boxes with phony links for technical support. Clicking those links or attachments loads malicious software onto the system, which then downloads ransomware that invades the network and encrypts files, rendering a company's data inaccessible. Another way malware can find its way into your system is through removable media. Those free USB sticks we all get? Beware.
Businesses should also develop a simulated-phishing testing program and a procedure for tracking employees who click and fail the test; those who do should receive additional cybersecurity awareness training.
2. Second, make sure you keep your business software up to date. Very often, you will be prompted to update your software with various security patches. These may seem trivial, but they are not. Software makers are always fighting the latest tactics employed by would-be hackers. Even if you must do it machine by machine and application by application, it is important to keep up with patching.
3. Third, create and follow a solid data backup and recovery plan. Having a good plan in place is your final fail-safe against total loss. Many companies partner with a security firm to put these systems in place. The key is to back up systems and data, and then have that backup stored offsite or disconnected from the network, commonly referred to as "air-gapped." Some companies, like those heavily involved in programmed manufacturing, back up every hour.
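A backup plan is only a fail-safe if the copies can actually be restored intact, so a recovery plan should be tested, not assumed. The script below is an added example, not code from the article or its author: it copies a directory into a timestamped snapshot, records a SHA-256 manifest for every file, and re-verifies the snapshot against that manifest. The `demo()` walk-through then overwrites one copied file to stand in for a file that has been encrypted, and shows the verification reporting it. All file names, directory names, and contents used in the demo are constructed for illustration.

```python
"""Added example (not from the original article): a minimal backup-and-verify
routine. It snapshots a source tree, writes a SHA-256 manifest beside the
copy, and re-checks the copy against that manifest so a recovery plan can be
tested. Paths and sample files are constructed for illustration."""
import hashlib
import json
import shutil
import tempfile
from datetime import datetime, timezone
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large files need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every regular file under root (as a relative POSIX path) to its digest."""
    return {
        str(p.relative_to(root)).replace("\\", "/"): sha256_of(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def make_snapshot(source: Path, backup_root: Path) -> Path:
    """Copy source into backup_root/<UTC timestamp>/data and write manifest.json
    next to it. The snapshot directory is what would then be moved to offline
    (air-gapped) storage, manifest included."""
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
    snapshot = backup_root / stamp
    shutil.copytree(source, snapshot / "data")
    manifest = build_manifest(snapshot / "data")
    (snapshot / "manifest.json").write_text(json.dumps(manifest, indent=2, sort_keys=True))
    return snapshot


def verify_snapshot(snapshot: Path) -> list:
    """Return a list of problems (missing, modified, or unexpected files).
    An empty list means the snapshot still matches its manifest."""
    expected = json.loads((snapshot / "manifest.json").read_text())
    actual = build_manifest(snapshot / "data")
    problems = []
    for rel, digest in expected.items():
        if rel not in actual:
            problems.append(f"missing: {rel}")
        elif actual[rel] != digest:
            problems.append(f"modified: {rel}")
    for rel in actual:
        if rel not in expected:
            problems.append(f"unexpected: {rel}")
    return problems


def demo() -> tuple:
    """Constructed walk-through: back up a tiny tree, verify it, then overwrite
    one copied file (standing in for an encrypted file) and verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "src"
        (src / "ledger").mkdir(parents=True)
        (src / "ledger" / "q1.csv").write_text("date,amount\n2024-01-05,120.00\n")
        (src / "notes.txt").write_text("constructed sample file\n")

        snap = make_snapshot(src, Path(tmp) / "backups")
        clean = verify_snapshot(snap)  # expected: []

        # Stand-in for ransomware reaching a backup that was left connected:
        # one copied file is replaced with opaque bytes.
        (snap / "data" / "notes.txt").write_bytes(b"\x00\xffENCRYPTED\x13\x37")
        tampered = verify_snapshot(snap)  # expected: ["modified: notes.txt"]
        return clean, tampered


if __name__ == "__main__":
    print(demo())
```

The manifest travels with the snapshot, so a verification run against the offline copy tells you before an incident whether the backup is complete and unchanged; in a real plan, the same check would be part of a periodic restore drill rather than something run only after an attack.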
So, what if the worst happens and you fall victim to a ransomware attack? Having an Incident Response Plan in place will come in very handy: right away, you will know what to do, and you can act quickly to minimize the impact on your business. This can consist of notifying customers, alerting law enforcement authorities, and removing infected devices from the network as quickly as possible, which may help contain the malware. Backup and recovery protocols can make restoration faster and less painstaking.
Law enforcement and government authorities strongly discourage paying a ransom. Even so, a ransomware attack may leave critical assets holding data that cannot otherwise be recovered. The points below may provide guidance as to whether or not a business should pay a ransom for systems with irrecoverable information:
- What ramifications would paying a ransom bring to the stakeholders of the business?
- How will paying the ransom affect the budget and finances set aside for retrieving the irrecoverable data?
- Is the business able to accept the high risk that its data may still be irrecoverable after paying the ransom?
- By paying a ransom, the business may encourage the cybercriminals responsible for the incident to continue compromising its systems.
So ransomware attacks, sadly, are here to stay. The best protection against them is prevention, and the second-best protection is a solid action plan. Giving in is the last resort: the more of us who give in, the longer we'll see ransomware attacks spreading throughout the world.