In today’s digital workplace, the number of ways that malware, spyware, bots, and ransomware can wreak havoc is never ending. While there are routinely stories in the news about a major corporation or government agency that is the latest to fall victim, do not be fooled that smaller businesses are not targets. The U.S. Department of Homeland Security estimates that 50 to 70 percent of ransomware attacks are aimed at small and medium-sized companies, and more than half of these businesses fail to continue operations as a result.
Ransomware is a type of computer virus that takes your data hostage and demands a ransom payment in return for the release of your data. There are some cases where it is possible to recover your data without negotiating with terrorists. Nevertheless, according to a 2021 Sophos survey, ransomware recovery costs more than doubled in a year reaching nearly two million dollars.
A common way that ransomware enters your network is by tricking an employee with a phishing email. It might be from clicking on a link or opening an attachment from an untrustworthy source. Other attacks can result from malicious code on a website or ad.
Just like biological viruses, ransomware threats change in how they spread and what they look like. Total Networks knows that there is not a magic bullet to protecting your data. It requires multiple layers of armor. Being able to reduce your IT risk is our top priority.
Here are steps your business can take to keep your data safe:
- Patch management – Staying up to date with the latest security patches for your operating systems and software is the most basic layer of protection. As soon as a vulnerability is detected and a patch distributed by the vendor, it is imperative that the patches get applied. Make sure your IT is managing these updates like clockwork.
- Antivirus and network monitoring – all files and traffic in your network should be scanned, examined, and filtered against known threats.
- Backup and disaster recovery – Having good backups are great. But they will not do you any good if you are not able to recover. Do not overlook the importance of testing and monitoring your backups. Many instances of ransomware infect the backups, making them useless. Make sure your IT is monitoring backups like a hawk and has proper security precautions to prevent problems.
- Employee education – since the most common way that ransomware enters the business network is from employee mistakes, make it a high priority to train your employees on how to spot a phishing email.
- Managed threat response (SOC/SIEM service) – Typical antivirus software can only defend against threats that software developers have already seen. Along with Security Incident Event Management logs, the analysts at the Security Operations Center (SOC) evaluate suspicious activity and respond around the clock to stop emerging threats where no automated defenses yet exist.
We must continually respond to new threats and take advantage of new strategies and tools as they become available. The only real defense against ransomware is a strong offense. Talk to your IT about the design of your backups and what scenarios have been considered in your business continuity plan.