How To Protect Your Business From Ransomware Attacks



Ransomware Attacks

Cybercrime is evolving rapidly thanks to the pace at which technology is improving. Ransomware is one of the most common forms of attack businesses face. Many large businesses have fallen victim to ransomware attacks, and unfortunately, this perpetuates the impression that small and medium-sized companies aren’t on an attacker’s radar. This is not the case.

In October 2019, an IT consulting firm based in Wisconsin paid an undisclosed sum to an attacker who had blocked client access to patient medical records. While just 20% of ransomware victims are small businesses, over 85% of security service providers report that ransomware is one of the most common threats a small business faces. 

To create a plan to protect yourself from a ransomware attack, you need to execute certain steps to make your business resilient. You also need to prepare for the worst-case scenario where you’ll be attacked. 

Let’s first examine what you can do to build resilience.

Preparation

The first step you need to take is to conduct a thorough review of your current security measures. Many small companies install cybersecurity systems and believe that this single solution will protect them. Cybersecurity is a continuous process, not a one-time job. You need to constantly conduct a cyber risk assessment and make sure your software is updated with the latest patches and upgrades.

Small businesses often can’t afford to install enterprise-grade security systems, but there are a few things you can do to overcome this obstacle. First, create a map of your assets and order them by the risk a breach in them poses to your business. If you have an IT department, it’s critical that both business and IT work together to create this map. Relying solely on IT to identify critical business assets might lead to an incomplete picture.



Develop a resilience plan for your most critical assets. A resilience plan includes backup schedules, business continuity plans, and recovery plans. For example, you could back up the data connected to your most critical assets more frequently than you do for others. You should also review the security of your backups and test whether you can run operations from that data in case your primary systems are compromised.

It’s essential to create an asset risk map for your business because most small businesses respond to every threat in the same manner. A risk to a low criticality asset should not be treated with the same degree of urgency as a threat to a highly critical one. Since cybersecurity is a continuous process, you must devote additional resources to continue monitoring your plans for highly critical assets. 

Disaster Handling and Recovery

While installing top-notch protection is great, you must prepare for the worst and have a recovery plan. The first step to take is to review the guidance from the No More Ransom project. One of the most critical questions to ask yourself is whether you are willing to pay a ransom to unlock your files.

There’s no guarantee that the keys you receive from the attacker will help you recover your files. The standard advice is to refuse to negotiate with attackers. This is why your backup plans are important: they give you a stronger negotiating position. Make sure your employees are aware of your official approach to an attack. Your entire organization has to be on the same page during such times. Luckily, small businesses tend to find it easy to communicate official stances to their employees because there are so few of them.



Most importantly, do not waste any time in reporting the incident. Ransomware spreads quickly, and the sooner you report an attack, the more it can be contained and resolved. Don’t think reporting a ransomware attack is embarrassing or that you’ll suffer a loss in reputation. Reporting an attack quickly will prove you’re a responsible organization.

An Evolving Threat

There isn’t a single solution to ransomware attacks. Like the rest of cybercrime, it’s an evolving threat that small businesses have to keep pace with. Reviewing your plans and adopting best practices is the way forward. The framework you’ve just read will help you do this easily.

Testing your resilience is critical. Run frequent fire drills that simulate an attack. Review the results regularly and make sure your IT team is up to speed on the latest best practices in the industry. If possible, use a continuous monitoring security system that actively scans and simulates threats to your business. 

When training your employees, make sure you focus not just on making them aware of cyber threats but also on changing their behavior. Installing the latest anti-malware solution isn’t of much use if your employees are going to fall for phishing emails. Conduct interactive exercises instead of seminars and create collaborative workshops between technical and business users so that everyone is on the same page regarding cybersecurity.






Itai Elizur Itai Elizur is the COO at InboundJunction, a content marketing agency specializing in helping B2B and SaaS companies to increase their online visibility. Itai has worked with some of the biggest tech companies in Israel, helping them develop and optimize large-scale user acquisition strategies through content, brand messaging and marketing automation.

One Reaction
  1. While I agree with many things said in the article, it’s important to note that with the evolution of ransomware, starting in earnest with the Maze variant in Q4 2019, many strains are also exfiltrating data prior to encrypting it. They then threaten the victim organization with the public release of information, often data from customers, unless the ransom is paid. When looking at most recent newsworthy events, the reason many ransomware infections are in the news is fallout from the data breach that occurs when the data is made public or even just when the threat is made.

    There is more to protecting against ransomware than just focusing on system recovery, although that is an important part. Because of the impact a breach can have, even on a small organization, it has made preventative measures such as employee training even more important.
