As a small to mid-sized business, are you prepared for a ransomware attack? According to the World Bank, small and medium sized businesses (SMBs) represent over 90% of businesses worldwide and the driver of up to 50% of jobs. These range from family owned retail shops and restaurants to startups to established regional businesses with hundreds of employees.
While SMBs are so important, they are also a strong target of cyber threats and attacks. Primarily, they are often understaffed to deal with modern day IT needs due to the growth and complexing of IT systems today. Over the last 3 decades IT department needs have grown beyond the capabilities of a one or two person department. IT professionals now either need to be master and multiple disciplines such as routine hardware, software and network maintenance to technical support to data protection, backups and security to frontline security against malware.
This includes making sure an organization is ready to fend off a ransomware cyberattack either through a hardening of local systems with antivirus/anti-malware or through multiple layers of backups and redundancy. If your company was to find itself unable to function due to a ransomware attack, how would you be able to pick up the pieces and get back to work?
What are Ransomware Attacks
Simply put, a ransomware attack is malware that encrypts your local computer and may also extend to other computers and servers on your network. The reason they are called ransomware attacks is that they will encrypt all data on hard drives and require a payment to decrypt, or unlock, your data. Often times, this payment is required is a pseudo-anonymous method such as Bitcoin. (Bitcoin is a cryptocurrency, the scope of which is beyond this article, but if you are interested in learning more, drop me a line and I’ll include some info in my next tech topics blog post). Once the ransom is paid, a decryption key is provided to restore access to the data.
Without adequate protection of systems, many firms are forced into paying the ransom to get their data back. With proper procedures and planning it is much cheaper to protect against future attacks than it will be to pay the ransom to get your data back – and some ransomware packages have been found to be destructive regardless of a ransom being paid.
Planning for a Ransomware Attack
It may sound counter intuitive, but the best way to prepare for a ransomware attack is to plan for one. If your core system/workstation were to be taken offline, could your business still function? Start by defining redundant solutions for replacing the critical infrastructure. If you were locked out from your data, would you be able to restore from backups with minimal loss, or would you be searching for the nearest Bitcoin exchange. With your core system(s) start planning how you would be able to continue in a somewhat ordinary fashion. This could be alternate payment/sales terminals. Redundant hardware or software, etc.
Data and Data Backups
In addition to taking core systems offline, are you preforming backups of your company’s data. Not only critical infrastructure data, but even routine data such as office documents and email? If you are currently doing data backups, how frequently are they happening, are they stored in a separate location (a cloud service would count) and most importantly, have you tested your data backups to make sure that you are able to restore and get back to work.
Many business have found themselves in the position of thinking their data was backed up, until it was time to restore a system. Only to find out that the right data was missing, or the backups were corrupted, or systems that were able to communicate prior to a data restore are unable to communicate because critical data was missing that may not have seemed important.
Preventing Ransomware From Getting In
One of easiest methods of preventing ransomware is have malware protection, via antivirus and anti-malware software, in place on all workstations and servers. And making sure that this software is always up-to-date. For employees, we recommended putting in use a computer usage policy which outlines things to do – and more importantly NOT DO – with their computers. Internal education on digital safety is also recommended – no, you don’t plug that USB drive you found in the parking lot into your computer.
What if something still gets past our protection
It is crucial that employees are educated on symptoms of a virus or malware on their computer. This includes:
- Slow start-up or performance
- Pop up ads that are difficult to remove
- Unknown or unfamiliar programs starting on their own
- Missing files
- Unauthorized or mass emails sent from your account
- Suspicious hard drive activity or high processor activity
- Crashes or error messages
- Inability to log on or access files
If employees notice something “different” than usual, the ability to reach out to IT support may be crucial in catching ransomware in progress and before it could expand outward to additional workstations and servers.
Schedule A Consultation with Bit Perfection Today
At Bit Perfection, we can review your security protocols, make recommendations on avoiding ransomware and architecting a data backup solution that is both adequate for your needs and testable in a disaster recovery situation to get your organization back up and running. Contact Caden today at 502-559-2444 or fill out our contact form to learn more about ransomware protection.