Although ransomware attacks continue to increase, many organizations still don’t believe that it could happen to them or that they should do anything to prepare for such an attack. As an IT service provider, MicroAge has cybersecurity discussions with clients every day, and we hear various reasons why organizations believe what they believe.
In today’s article we will look at some of the most common erroneous beliefs about ransomware and why they could be detrimental to an organization’s cybersecurity strategy.
1. We are too small
We hear this refrain often in our conversations with organizations. Whether it’s because the ransomware attacks we hear about in the news are on larger enterprises or the organizations truly believe that they don’t have any data that cybercriminals would be interested in, this belief is a dangerous one.
Consider the following: according to Verizon’s 2022 Data Breach Investigations Report, ransomware attacks have increased by 13%, which is an increase greater than the last five years combined. The report also indicates that ransomware leads the way in terms of breach methods against SMBs and is responsible for 80% of the breaches.
So why do threat actors go after SMBs? There are two main reasons:
- Typically, SMBs have fewer resources and less budget to put in place the controls and protection needed to reduce the risk of ransomware attacks. This makes SMBs an easier target for threat actors.
- The myth SMBs continue to believe is that they don’t have anything worth stealing. When they look through their emails and data, they often find sensitive or confidential information just waiting to be stolen: employee banking information, or maybe partner banking information, and agreements that have been emailed back and forth containing confidential details such as pricing or intellectual property information. Often, the SMB is not the final target, but it does have information that may lead to bigger targets because it is part of the supply chain for larger organizations.
The bottom line is, SMBs are not immune from ransomware attacks. Organizations of all sizes and from all industries are targets. No organization can afford to underestimate the risk.
2. It will happen and there is nothing we can do about it
In our conversations about cybersecurity, we often say that it’s not “if” an attack will occur but “when” it will occur because, truthfully, there are no guarantees, even with good cybersecurity controls and protection. However, that does not mean that organizations don’t have options to reduce their risks. The idea is to put in place protection that reduces the likelihood of being attacked and to ensure that important or critical data is protected should an attack be successful. Here are a few things organizations can do to defend themselves and protect their data.
The most common way ransomware is propagated within an organization is by tricking users into clicking on a link that downloads a file enabling malware, commonly known as phishing. The best way to defend against this is a combination of endpoint protection and cybersecurity awareness training. Endpoint detection and response (EDR) solutions can stop malicious emails before they get to the end user. Be aware that traditional antivirus without the EDR capability should be considered dangerous and obsolete. Cybersecurity awareness training for all users helps them to identify potentially malicious emails. The combination of these two lines of defense helps to proactively protect against ransomware attacks.
The ransomware business model thrives on data. Data drives businesses today, and losing data or losing access to data can have serious repercussions. This is why ransomware is so successful. Businesses need to protect their data and make sure that it is backed up so it is accessible in the worst-case scenario.
3. We have backups, we are fine
As we mentioned above, having backups of data is crucial to any sound cybersecurity strategy. But backups need to be maintained and monitored to ensure that the data is indeed being backed up properly and can be restored when the need arises. Organizations need to determine the cadence of their backups, which depends on the type of data being backed up and how quickly it needs to be accessed. In addition, organizations need to ensure that at least one of the backups is immutable (can’t be changed or is inaccessible to threat actors). All of this is to ensure that the data is accessible when needed and that downtime is reduced to what the organization has determined to be an acceptable time period. If your business gets hit with an attack, you can and should expect some downtime.
It is not enough for businesses to say that they have backups; they truly need a well-thought-out disaster recovery plan as well as a business continuity strategy that will help them get back on their feet as quickly as possible.
Ransomware is not going away anytime soon. With the right cybersecurity solutions and services in place and a partner like MicroAge to help put them in place, organizations can reduce the risks of a ransomware attack. Call us today to see how we can help you.