Ransomware. A word that can strike immediate fear in the heart and mind of any business owner. Ransomware attacks have unfortunately become common, with many small businesses falling victim to them. Cybercriminals will attack any individual or any business, regardless of the industry. Ransomware has become a major risk for businesses of all sizes, but smaller businesses are often at a greater risk because they generally lack the proper IT and security controls to successfully combat an attack.
Ransomware takes several forms, from malicious actors encrypting your data and requesting a ransom payment in exchange for the release of the encryption, stealing your sensitive data and threatening to release the information on the web unless you pay, to threatening to fully disable your IT systems unless their demands are met.
Malicious actors are sophisticated and are equipped with advanced resources, and they are typically a part of organized criminal groups. You do not want to simply think you are protected from cyber threats – you want to know that you are protected. With more attacks grabbing national attention, it seems the perfect time to share information to better prepare our local businesses.
Criminal groups are increasingly using cyberattacks to extort as much money as possible from individuals and businesses. This is a profitable business for them with many ransom payments totaling millions of dollars. One of their more common patterns is to infect a company with a virus or other ransomware that encrypts data so the data and systems cannot be used, or the cybercriminals can enter through gaps in your network perimeter and then place the ransomware on the systems directly.
When your business has been compromised, your data will be ransomed and you will have to pay to have your data decrypted and to avoid having malicious attackers publicize your business's sensitive data. Defending your business against ransomware attacks has been, in some way, compared to defending your business against other types of cyberattacks. A strong defense requires a set of IT controls that can be implemented alongside a comprehensive and robust backup and disaster recovery solution for your data and systems. While every small business should have a comprehensive strategy beyond the basic IT and security controls, small business owners can do the following to avoid falling victim to a ransomware attack:
Regularly Patch and Update Software and Operating Systems
Most ransomware attacks will take full advantage of outdated software and operating systems that have several gaps in security. Make sure your network, servers, systems, and end-user desktops and laptops are updated with the most current operating system version. Regular updates are critical to your security. Keep all your systems patched and up to date – especially security patches.
Use Antivirus and/or Malware Software
A robust antivirus application can provide one of the best and strongest defenses against ransomware attacks and other cyber attacks. It is critical to make sure all servers, desktops, laptops, and other devices hosted on your network have an up-to-date version of antivirus software protecting the device. Make sure that automatic updates are enabled and that each device is being protected in real-time.
Be Selective With Privileges
It is important to be vigilant and selective with administrative privileges. Restrict who has the administrative privilege in your business; be selective with who has the privilege to download and install applications in your environment. You only need to have a small number of trained and skilled system administrators. You also may want to limit the use of USB storage, and if USB storage is used, you can encrypt what is being used.
Authenticate and Manage Access to Your Environment
Implement strong authentication for any access to your environment and services, including remote access and services that are used in the cloud. Manage identity and access to your systems and services. When an employee leaves willingly or is terminated, remove any access and privileges they were granted while they were still employed with your business.
Isolate Your Critical Data
Your most critical IT assets and data should be isolated in a separate part of your IT environment. Content on your mobile devices should be encrypted, and there should be policies in place for mobile device security. The most critical IT assets and data that should be isolated include (but are not limited to) customer and client records, financial information, and authentication systems.
Establish a Backup and Disaster Recovery Plan
Recovering from a ransomware attack after it happens, without paying the requested ransom, is next to impossible unless you have a well-architected Backup and Disaster Recovery Plan. Your Backup and Disaster Recovery plan should be constructed so well that all your servers and data will be backed up frequently and stored in a secure location away from your business. You should have multiple copies of your data, and the data should be housed in different types of storage, including at least one in an offsite location. With your own Backup and Disaster Recovery Plan, you will increase your business's chances of successfully recovering from a ransomware attack.
Perform Security Risk Assessments and Audits
Are you aware of everything that is currently on your network? Do you know how many of your machines need to be updated or removed? Is your antivirus or malware software working as it should? When you know what is happening on your network and how well-protected or inefficient your network is, this can be the difference between your business becoming the next victim of a ransomware attack and not being a target at all. Businesses should perform regular risk assessments and audits to ensure your business's network is protected from attacks.
Ransomware is a growing cyber threat that can devastate any business, especially small businesses that do not have the tools, internal IT staff, and resources to defend against it. Unfortunately, small business owners are the least likely to be prepared for a ransomware attack. This is why the Henderson Chamber of Commerce is focusing on helping our local businesses fight ransomware attacks.
Should you require additional guidance or support on ransomware-related matters, feel free to reach out to Orbis Solutions Inc.
Orbis Solutions, Inc., in Las Vegas, Henderson, Summerlin and throughout Nevada, has developed creative, strategic and cost-effective technical solutions for a wide variety of clients. Offering a diverse range of products and services, Orbis provides IT solutions to promote your company’s productivity and profitability, and help you sort through the latest-hyped technology, so you can select the best hardware, software or service for your business needs.