VMware, a cloud computing and virtualisation software and services company, reported that 88% of Canadian businesses have experienced a data breach at some point. Cybersecurity, as you already know, is a hot topic lately. It seems like every week, a new company is on the front page of the newspaper after suffering a data breach. Now I know what you’re thinking: those are huge companies, and hackers are not interested in my SMB. That type of reasoning is completely wrong and ignorant. Most of the time, hackers send out cyberattacks on a large scale, from a huge list of emails they acquired, hoping for an employee to make a mistake.
It takes one small mistake for your whole life to be turned upside down. If an employee clicks on a malicious email link, the hacker instantly infects your business network with ransomware. None of your employees will have access to their computers until a ransom, usually in Bitcoin, is paid to the hacker.
Odds are, if it hasn’t happened already, your business will be hacked soon… Even with the implementation of proper cyber security solutions, your network is never 100% secure. So it is important to be prepared for when the day comes. What will you do if you’re next?
If You’re a Victim of Ransomware, Don’t Pay
All companies need access to their files. However, paying a ransom doesn’t guarantee that you’ll get the decryption key, or that your files will be returned in good condition. Even if you pay, the Ryuk strain of ransomware has been known to damage databases, which can result in your company being forced to rebuild its systems anyway. Payment only encourages cybercriminals to keep using ransomware to make money. Stop the cycle and protect your business by consulting cybersecurity experts who can assist you in decoding the ransomware. If that fails, you’ll have to bite the bullet and rebuild. MicroAge recommends that you employ a number of ransomware safeguards, including employee training, regular backups and updates, as well as security scans and early detection systems.
In 2017, 92% of Canadian businesses reported having a minimum of one digital technology or service integrated into their company. It only takes one person to accidentally open an infected email attachment, and you can kiss your data goodbye.
Organize a security training program that informs your staff about ransomware and other viruses. Your staff needs to learn how to recognize the signs, and they need to be continually updated on the latest threats and coping methods. Ransomware can be inserted into email attachments, placed on vulnerable web servers, and infect out-of-date web pages—also known as drive-by downloads.
There are a variety of different versions of ransomware:
- Encryption. This type of ransomware encrypts all types of files and folders, ultimately rendering them inaccessible. Users may only be aware of the problem once they click on an encrypted file or folder. A ransom note—in the form of a text file—is often provided to inform the user of the payment and where to send it. Some versions of encryption ransomware will also lock your computer screen.
- Locked Screen. This variation will lock your computer screen and display a browser announcing that you must submit a payment to unlock the computer. The upside is that no files are encrypted.
- Master Boot Record (MBR). Located on the first sector of the hard drive, the MBR contains information that facilitates the operating system’s boot onto the computer’s RAM. This type of ransomware rewrites the MBR, causing interruptions and displaying the ransom message.
- Encrypted Web Servers. Content management systems are notoriously vulnerable, enabling ransomware to be deployed onto them in order to encrypt the files.
- Mobile Devices. Android mobile devices are susceptible to drive-by downloads, particularly through the use of fake ads designed to look like popular services.
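The Encryption item above names two artifacts a defender can look for: files whose contents have become unreadable, and a ransom note left as a text file. The following sketch is an added example, not MicroAge's tooling; it flags directories where both appear together. The entropy threshold, extension list, keyword pattern and function names are assumptions chosen for illustration.

```python
import math
import os
import re
from collections import Counter

# Assumed tuning values for this sketch, not figures from the article.
ENTROPY_THRESHOLD = 7.5   # bits per byte; encrypted data sits close to 8.0
MIN_SAMPLE = 1024         # fewer bytes gives an unreliable entropy estimate
PLAIN_EXTS = {".txt", ".csv", ".log", ".json", ".xml", ".sql", ".html"}
NOTE_WORDS = re.compile(r"decrypt|ransom|bitcoin|payment", re.IGNORECASE)


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def scan(root: str, sample_size: int = 65536) -> dict:
    """Map each directory under root to its note-like and scrambled files."""
    findings = {}
    for dirpath, _dirs, names in os.walk(root):
        notes, scrambled = [], []
        for name in sorted(names):
            # Only formats that are normally plain text; zip or jpg files are
            # high-entropy by design. An appended extension still matches.
            if not any(e in PLAIN_EXTS for e in re.findall(r"\.\w+", name.lower())):
                continue
            try:
                with open(os.path.join(dirpath, name), "rb") as fh:
                    head = fh.read(sample_size)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if len(head) >= MIN_SAMPLE and shannon_entropy(head) >= ENTROPY_THRESHOLD:
                scrambled.append(name)
            elif NOTE_WORDS.search(head.decode("utf-8", errors="replace")):
                notes.append(name)
        if notes or scrambled:
            findings[dirpath] = {"notes": notes, "scrambled": scrambled}
    return findings


def suspicious_dirs(findings: dict, min_files: int = 2) -> list:
    """Directories holding a ransom-note-like file next to scrambled files."""
    return sorted(d for d, f in findings.items()
                  if f["notes"] and len(f["scrambled"]) >= min_files)
```

Requiring both signals in the same directory keeps an ordinary log file that mentions "payment" from raising an alert on its own.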
Spam filters don’t protect companies, but strong passwords and policy and protocol training will strengthen your cybersecurity. Have employees test their know-how with simulated phishing campaigns. This method will show where employees need to improve. Encourage employees to ask for help in identifying phishing emails and other threats. And while employees shouldn’t be doing personal work on a company’s computer or other device, doing a celebrity search can also lead to malicious content being installed on the system. Keep the dialogue about cybersecurity going by including cybersecurity in your internal newsletter and participating in cybersecurity conferences!
Backups and Updates
Yes, making frequent backups and continually updating your systems takes time. But think of the hassle and money you’ll save if you’re attacked by ransomware or by a natural disaster. For one thing, you won’t even consider paying the ransom because you’ll still have all of your data. For another, you won’t need to start from scratch with rebuilds of systems and retrievals of data once the ransomware has been removed. In the event of a ransomware attack, you can restore your backup and get back to business.
Using cloud backup solutions will protect your information from ransomware, but you must ensure you use a trusted company that provides transparency. You have every right to know where your data is, where the company’s servers are located, and what measures are taken to protect your data.
Make sure you stay informed about the latest software versions, so you can deploy any necessary patches that will stop hackers from entering your systems. Updates can also protect you against exploit kits, which are made up of automated threats that use web browsers to run malware. Of course, if you don’t conduct regular scans or install early detection systems, you won’t know your systems are under attack until it’s too late.
Security Scans and Early Detection Systems
Frequent scans are important. They find, eliminate, or quarantine viruses before they can cause any damage. However, scans are only one part of a larger protection plan. What will make your business a cyber stronghold is an annual assessment, which can include penetration testing and social engineering evaluations. Yearly assessments are a type of early detection method that allows you to pinpoint vulnerabilities before the hackers find them. Add early unified threat management programs to your arsenal of cybersecurity tools. They search for suspicious activity, alerting you when there’s a problem.
With managed IT services, you will benefit from optimized cybersecurity without having scores of on-site personnel or spending too much on a plethora of resources. MicroAge assesses your needs and customizes your IT services accordingly. No matter what type of organization or size of company you are, ransomware can infiltrate your system at any time. Consult our Ransomware Handbook for more information, or contact us today!