This is a cold hard fact: Ransomware is on the rise.
What is ransomware?
It’s where hackers break into your network, encrypt your data so you can’t access it, and then charge you a large ransom fee to unlock it. It’s the most disruptive and costly kind of attack you can imagine. And very hard to undo.
Why is it a big deal?
Ransomware attacks are dramatically up thanks to the pandemic. All the urgent changes that businesses went through last year created a perfect storm with plenty of new opportunities for cyber criminals.
Is my business really at risk?
Thanks to automated tools used by hackers, all businesses are being targeted all the time. In fact, hackers prefer to target small businesses as they typically invest less time and money into preventive security measures compared to large companies. It’s estimated a business is infected with ransomware every 14 seconds.
How can my business get infected with ransomware?
42% of ransomware comes from phishing emails. This is where you get a legitimate-looking email asking you to take a specific action. You only need to click a bad link once to let attackers quietly into your system. And it doesn’t have to be you who clicks… it could be any member of your team.
Why is it so hard to undo?
A ransomware attack takes weeks for the hackers to set up. Once inside a network, they stay hidden and take their time to make lots of changes. Essentially, they’re making it virtually impossible for an IT security company such as ours to undo the damage and kick them out once the attack has started. If you haven’t thoroughly prepared for a ransomware attack before it happens, you are much more likely to have to pay the fee.
How much is the typical ransom?
The hackers aren’t stupid. They know trying to get $150,000 out of a small business simply won’t happen. But you might stump up $10,000 just to end the hell of a ransomware attack. They will change their ransom demand based on how much money they believe a business has.
Of course, the ransom isn’t the only cost associated with an attack. There are countless indirect costs. Such as being unable to access your data or systems for a week or longer. How horrendous would it be if no one could do any work on their computer for a week? How would your customers react to that?
What can I do now to protect my business?
This is the most important question to ask. It’s virtually impossible to stop a ransomware attack from happening. But you can do an enormous amount of preparation, so if an attack does happen, it’s an inconvenience, not a catastrophe.
Here are the three steps we recommend for maximizing your ransomware resilience.
Act as if there’s no software protecting you
Software is essential to keep your business safe from all the cyber security threats. But there’s a downside of using this software – it can make you and your team complacent.
Actually, humans are the first defense against cyber-attacks. For example, if your team doesn’t click on a bad link in a phishing email in the first place, then you’re not relying on software to detect an attack and try to stop it.
This means basic training for everyone in the business, and then keeping them up-to-date with the latest threats.
Invest in the best data backup and recovery you can
Automatic off-site data backup is a business basic. When you have a working backup in place, it can be tempting not to give it a second thought.
But it’s worth remembering that cyber criminals will take any means necessary to get you to pay their ransom. That means they’ll target your backup files too. Including cloud-based data.
It’s critical that you create and implement a comprehensive back-up and recovery approach to all of your business data. The National Institute of Standards and Technology sets out a cyber security framework which includes best practices such as:
• Constant backups: Separate from the computers and ideally in the cloud
• Immutable storage: This means once created, backups can’t be changed
• Firewalls: To restrict what data gets in and out
Create a plan for cyber-attacks
When a cyber-attack happens, every second is crucial. The earlier you act, the less damage is caused.
So, prepare a detailed plan of action and make sure everyone knows what’s in it, where to find it, and how to trigger it.
Test your plan regularly to make sure of its effectiveness and remove any risk of failure by keeping at least three copies of it in different places. One should be a printout kept at someone’s home… just in case you have zero access to data storage.