Cybercrime has reached unprecedented proportions across the globe, with nearly half of all cyberattacks committed against small businesses. For those running small enterprises in 2020, it’s not just the implications of COVID-19 you need to consider. Rather, consider the rise of ransomware attacks or the “hackopalypse.”
Ransomware is a type of malware that encrypts or otherwise locks users out of their files. When users try to access their data, they receive a notice demanding the payment of a ransom to regain its use.
Ransomware has been around since the 1980s. The last decade has also seen various ransomware trojans crop up. However, the real opportunity for attackers has been the introduction of Bitcoin.
This cryptocurrency allows attackers to collect money from their victims without going through traditional channels. Its impact can be devastating for small businesses.
According to a survey by cybersecurity and backup firm Datto, one in five small to medium-sized businesses fell victim to a ransomware attack in 2019. The consequences of a ransomware attack can be dire. An organization may find itself locked out of its enterprise data for weeks. There may also be deletion of entire databases. Additionally, cybercrime may lead to reputation damage and the loss of customer trust.
In 2019, according to Cyber Security Ventures a new organization fell victim to ransomware every 14 seconds. It is predicted that by 2021 this will increase to every 11 seconds.
In 2018, the FBI received 1,493 complaints about ransomware with victims. This incurred losses on average of $3,621,857. That only counts the actual ransom payments, not the fallout. Atlanta, for example, spent around $2.6 million on its recovery efforts from a ransomware demand of about $52,000.
While the number of these attacks is rapidly increasing, small enterprises can protect themselves with an ongoing front-line defense and employee vigilance.
The phrase “education, education, education” couldn’t be more fitting for cybercrime awareness. It’s critical to keep ourselves and our employees informed and alert to phishing scams and attempted attacks. This allows us to prevent a cyber breach.
Most individuals trigger a ransomware attack by opening what looks like a normal email. This email actually contains a virus in a document, photo, video or another type of file. Most hackers don’t even need much knowledge to insert a piece of malware into a file. Instead, there are numerous articles and YouTube tutorials on how to do it.
Always avoid opening an email from an unknown sender. What if you receive an email from an unknown source? Inform your company data security advisor or IT team immediately.
When ransomware infects a single computer, it’s a serious problem. It spreads through the network like wildfire. It becomes a nightmare that compromises the entire business.
What can you do to avoid this? Companies that have not already done so should consider implementing a data security software program. This checks all incoming emails before the intended recipient receives them. It dramatically reduces the risk of a virus spreading inside a company network and compromising sensitive data.
In the event of a breach, it also pays to be prepared. You may have a Disaster Recovery Plan in place for your small business. DRPs highlight key stakeholders, risk assessments, and recovery procedures. They are invaluable for ensuring a calm and swift restoration process to failed, compromised, or disrupted IT systems.
There are two things we can update: our IT systems and employees.
First, updating your software and operating systems will ensure that there are no gaps in your data security policies. By informing employees of the risks around cybercrime, you can ensure that individual software and system updates are happening when necessary while simultaneously empowering staff to know what to do in the event of an attack.
Ongoing training, reading the most recent news, and keeping up to date about new developments in this area and loopholes in networks or software solutions should be a necessity.
If your organization doesn’t require a Remote Desktop Protocol (RDP), it’s best to replace it with a more secure solution. If this isn’t possible, then the following measures should be put in place:
It’s always best practice to back up your work, but it’s crucial for preventing ransomware attacks. To do this, your backup must be up-to-date, highly secure, and tested thoroughly and frequently. Most importantly, it must also enable the easy restoration of data.
This means that if you are hit by any form of malware, you can rebuild your system quickly and hassle-free. If possible, make sure that your backup system is not connected to your network (or only for the time when it’s needed), as this will prevent your backup being affected by malware as well.
Implement a backup and recovery plan for all critical data using the 3-2-1 strategy. 3. Retain a minimum of three copies of data 2. Store data on two different types of media 1. Secure one copy of your backups offsite.
Test backups regularly to ensure proper configuration. This will limit the impact of a data breach and accelerate the recovery process.
Isolate critical backups from the network (air gap) for maximum protection.
Implement copy-on-write file systems (NetApp WAFL – Linux ZFS) or WORM features in NAS systems or appliances.
Patch critical operating systems, antivirus, security, and backup software as soon as possible.
Establish ongoing cybersecurity training for users and admins to identify phishing emails.
What if ransomware gets through your defensive line? Then, you should do the following.
Paying the criminals doesn’t guarantee that you will get your data back. In many cases (and most definitely, if it is a ‘ranscam’ or wiper malware) you will not get your data back. This leaves you with no data and a lot less money.
Some computer specialists may have the capabilities to recover lost data. However, it is risky. If something goes wrong, you could destroy your data forever. It’s important to contact expert specialists with the necessary skills and experience.
Even if your backup is missing after a ransomware attack, you should never rule out the possibility of recovery. Possible solutions depend on the type of media or storage system, and the type of ransomware.
Lynn Walker is the VP of Global Marketing at Ontrack, the world’s leading data recovery specialists. Lynn has managed and led dynamic marketing teams for over ten years. In this blog, Lynn shares her wisdom on how to protect your business from cybercrime.
When the economy isn’t doing as well as you’d like, you lose a client or…
Social media is one of the biggest topics in business. It seems like every day…
At MyCorporation, customer service is our biggest difference maker. Since we started the business, it’s…
It’s that time of year again! Haunted houses, ghosts, goblins, trick or treating, scary movies.…
Kids are back in school, parents are back at work full time, and you’re wondering…
If you’re a business owner, you’ve likely heard about BOI in the last two years…
View Comments
Hey, Lynn. This is a good one.
These days people are just being cruel and want to make money off any given opportunity.
While it's ridiculous, I think one of the best ways as you said is BACKUP.
Yeah, it's important we back up our data in case of any funny experience.
Thanks again for taking the time to write this.
Many data leaks occur because the perpetrators firmly believe that it is impossible to trace the breach back to them. Informing employees about the introduction of ILD technology in your company will make it clear to everybody that a potential culprit will be identified and punished in case of a data breach. Communicating this to employees significantly reduces the chance of malicious leaks.