Ransomware is a type of computer software developed by hackers to access and steal your data, with the hopes of receiving a payout to get your data back. It’s the digital equivalent of taking a hostage, and the repercussions can be serious for businesses. Thankfully, there is a way to protect your business from ransomware attacks through prevention and staff training, but first it’s important to understand the full impact of ransomware in today’s data-sensitive climate.
Traditionally, Ransomware attacks have been targeted to individuals and their personal devices. However, it didn’t take long for savvy hackers and cyber-criminals to realize their chance of ransom payouts were much higher for businesses. Businesses and government organizations are a prime target due to the size and nature of their data, which often spans both the internal business and all of their customers. Instead of infecting one or two machines, ransomware can infect an entire department or business and therefore have stronger leverage.
In fact, leading anti-malware software company Malwarebytes saw a 363% year-on-year increase in ransomware attacks on businesses in the second quarter of 2019. Almost 60% of recorded ransomware attacks are based in the USA, with Canada the second biggest target claiming 10% of attacks. This is largely due to the strength of North American currencies and a general lack of knowledge and prevention. Ransom demands generally average around $35,000 USD, however in August 2019 one group of cyber-criminals demanded up to $2.5 million from a Texas-based governmental department. With so much money at stake, it is estimated that the end of 2019 will see an attack every 14 seconds specifically targeted to businesses.
The majority of ransomware is delivered through “phishing” emails which contain infected links and documents, or by accessing machines through the Remote Desktop Protocol (RDP) which many businesses have turned on by default for remote assistance. From here, the attackers can access applications, networks, databases, emails, logins, and files before demanding a payment. Generally speaking, the FBI does not advise businesses to pay the ransom as there is no guarantee the attacker will surrender your data or not repeat the attack. Rather, it’s best to seek preventative measures as soon as possible.
1. Preventative Software and Systems
One of the most important things you can do to prevent ransomware attacks is to secure your systems – this means installing credible anti-virus software, configuring your network firewalls, and implementing strong email security systems. Not all endpoint security applications are equal, therefore it’s also important to select one of the few that are actually proven to protect against ransomware. Also, simply installing those are not enough – they must all be updated and maintained to ensure the latest security standards are patched in. Ideally, a recurring review and security meeting should be put in place to ensure everything in your technology and security stack is in top shape.
2. Recovery Plans
Protection isn’t only about upfront prevention – it’s also about backups and recovery plans. This will ensure that you can still access your important data in the unfortunate scenario where your data is stolen by a cyber-criminal. Recovery software is usually installed as part of a preventative suite, but you should also consider what steps to follow in data recovery situations. A recovery plan will document exactly what to do, ensuring you’re prepared when those situations arise to minimize downtime and get your business back on track.
3. Staff Training
Even the most robust preventative software runs the risk of being compromised by human error or a gap in knowledge. For example, your staff might click on a malicious link in an email without knowing what signs to look for, or share their login information with colleagues without understanding the chance of it being intercepted. More worryingly, staff may allow delivery people into the office without attending them – allowing them physical access to systems.
The best way to put safeguards in place is to train your staff, and inform them of the common risks so they can play their part in protecting your businesses. This could be done through training meetings, phish testing, online courses, and on-site checklists. Following this, regular health checks and audits should be conducted to ensure those training standards are being met.
Ransomware attackers thrive off of businesses who are not prepared. The technical nature of their attacks means that technical counsel is recommended to fight them. To that end, your business should work with your Managed IT Solutions company to ensure measures are put in place. Red Rhino recommends folding in these services, including staff training, alongside your other IT needs to ensure a holistic solution is implemented. With many different systems in place at any one time, your business can benefit from having one provider with a full understanding so that they can spot any holes or gaps in your security. When the average ransom demand is $35,000 USD, prevention can be a cost-effective way of protecting your business.
About Red Rhino
Red Rhino provides Managed IT Services, Support and Consulting to businesses in Vancouver and the Fraser Valley including Abbotsford, Langley, Surrey, Burnaby, Richmond, Coquitlam, Delta, and White Rock.