More and more, ransomware has emerged as a major threat to individuals and businesses alike. Ransomware, a type of malware that encrypts data on infected systems, has become a lucrative option for cyber extortionists. When the malware is run, it locks the victim’s files and allows criminals to demand payment to release them.
Unless you’ve been living under a rock, you are probably well aware that ransomware is detrimental for a small business. Organizations of all types and sizes have been impacted, but small businesses can be particularly vulnerable to attacks. And ransomware is on the rise. In the McAfee Labs June 2018 Threat Report, the number of new ransomware strains saw an increase of 62% in the previous four quarters. This increase brings McAfee’s total number of identified strains to roughly 16 million. Ransomware is distributed in a variety of ways and is difficult to protect against because, just like the flu virus, it is constantly evolving.
Cybercriminals armed with ransomware are a formidable adversary. While small-to-mid-sized businesses aren’t explicitly targeted in ransomware campaigns, they may be more likely to suffer an attack. Frequently, small business IT teams are stretched thin and, in some cases, rely on outdated technology due to budgetary constraints. This is the perfect storm for ransomware vulnerability.
"So, what’s the best way to protect my data?" Thankfully, there are tried and true ways to protect your business against ransomware attacks. One way is not to have your computer plugged in at all meaning no power cord in the system, nothing. While that’s a solution, it's not a practical one. All businesses need data and technology to keep their businesses going.
While security software is essential, you can’t rely on it alone. A proper ransomware protection strategy requires a three-pronged approach, comprising of education, security, and backup:
Education:
First and foremost, education is essential to protect your business against ransomware. It is critical that your staff understands what ransomware is and the threats that it poses. Provide your team with specific examples of suspicious emails with clear instructions on what to do if they encounter a potential ransomware lure (i.e. don’t open attachments, if you see something, say something, etc.).
Conduct bi-annual formal training to inform staff about the risk of ransomware and other cyber threats. When new employees join the team, make sure you send
them an email to bring them up to date about cyber best practices. It is important to ensure that the message is communicated clearly to everyone in the organization, not passed around on a word of mouth basis. Lastly, keep staff updated as new ransomware enters the market or changes over time.
Security:
Antivirus software should be considered essential for any business to protect against ransomware and other risks. Ensure your security software is up to date, as well, in order to protect against newly identified threats. Keep all business applications patched and updated in order to minimize vulnerabilities. Some antivirus software products offer ransomware-specific functionality.
Sophos, for example, offers technology that monitors systems to detect malicious activities such as file extension or registry changes. If ransomware is detected, the software has the ability to block it and alert users. However, because ransomware is constantly evolving, even the best security software can be breached. This is why a secondary layer of defense is critical for businesses to ensure recovery in case malware strikes: backup.
Backup:
Modern total data protection solutions, like Datto, take snapshot-based, incremental backups as frequently as every five minutes to create a series of recovery points. If your business suffers a ransomware attack, this technology allows you to roll-back your data to a point-in-time before the corruption occurred. When it comes to ransomware, the benefit of this is twofold. First, you don’t need to pay the ransom to get your data back. Second, since you are restoring to a point in-time before the ransomware infected your systems, you can be certain everything is clean and the malware can not be triggered again. Here’s an example of how Datto saved the day for the international hotel chain, Crowne Plaza.
Additionally, some data protection products today allow users to run applications from image-based backups of virtual machines. This capability is commonly referred to as “recovery-in-place” or “instant recovery.” This technology can be useful for recovering from a ransomware attack as well because it allows you to continue operations while your primary systems are being restored and with little to no downtime. Datto’s version of this business saving technology is called Instant Virtualization, which virtualizes systems either locally or remotely in a secure cloud within seconds. This solution ensures businesses stay up-and-running when disaster strikes. If you would like to learn more, reach out to us today at (512) 388-5559 or download our free business continuity report: https://www.cttsonline.com/business-continuity-101/
It can be challenging and costly to maintain your business’ technology systems, but it doesn’t necessarily have to be. This is where CTTS comes in; our expertise in data backup, recovery, business continuity, and cybersecurity can help your business achieve all of its technology-related goals, including regular network maintenance. You might be surprised by how many benefits proactive network maintenance can provide for your organization. Give us a call today for a free technology assessment: (512) 388-5559.
By Ramon Kreher
Desktop Support Technician
Central Texas Technology Solutions