How to Keep Your Business Secure from Ransomware Attacks

Portage, Michigan | January 18, 2021

This year it is projected that a ransomware attack will occur against a business every 11 seconds. That’s a two-second change from last year, when an attack happened every 13 seconds. Just imagine how much worse these attacks will be in the next two to five years if this keeps up.

This is why it’s time to get ahead of the hackers by developing a security solution to protect yourself, your data, and your business.

Don’t wait for an attack to happen before you think about ransomware protection. Continue reading for the how-tos on keeping your business secure from ransomware attacks.



What is ransomware?

Ransomware is a cyberattack in which the attacker encrypts or locks up your data so you cannot use or access the files, and then demands a ransom. Once you pay the ransom you get a decryption key to restore your data.

Victims typically receive a ransom note that appears on their computer screen from the attacker with details such as:

  • The amount they are requesting.

  • Where and how to pay (Usually through cryptocurrency like Bitcoin).

  • How much time they have to pay before their data is leaked or erased.

  • What data they are going to release to the public or erase.

Your organization can become infected with ransomware very easily: an employee downloads an email attachment containing the malware, a hacker gains control of a computer on your network by guessing the password, or a device misses its security patches. There are many ways hackers can deploy ransomware, which is why it’s important to have the right security solution in place to keep your business secure from ransomware.


Remote Work

Since working from home isn’t going away, let’s talk about remote work security and how this can impact your business from a ransomware standpoint. Since your staff and their PCs are no longer protected behind the office firewall, this opens up more doors for hackers to get in.

If your employees working from home do not have a secure connection, don’t use a VPN, and don’t have updated antivirus and firewalls on their home devices, your first step is to secure all of that.

Second, this may have been many people’s first time working from home. Therefore, many simply do not know how to stay safe and prevent cyberattacks like ransomware. Not to mention, they don’t have someone next to them at the office to ask if the email they just received is legitimate or if this website looks safe to download a file from. Sometimes your co-worker’s help is all you need to prevent that link from being clicked, entering sensitive information, or downloading that file.

So, when your staff is working from home they don’t have that person next to them to ask for clarification. To combat this, reassure them it’s okay to forward the email to your I.T. department or MSP before they take action. It might seem annoying to do so, but this could prevent ransomware or another cyber attack from taking place.

It’s also important to note that once an attack has been successful on an employee’s home network, all the hacker has to do is wait for that staff member to connect to the corporate VPN. Once connected to the corporate VPN, the attacker has now made their way onto your network.

Because of this, it’s important to educate your staff on always practicing safe cyber habits - at home and work for complete ransomware protection. More on this in the ‘Educate Employees’ section.


Backup & Disaster Recovery

Backup. Backup. Backup. Backing up your data is very important! Without a copy of your files, you are putting your business at a huge risk. Having backups of your files allows you to restore the data that is locked for ransom by the hacker without having to pay the ransom and use their decryption keys, as long as your backups are not encrypted as well. If your backup is connected to the same network where the ransomware was deployed, then chances are your backups are encrypted too. Anything on the same network can be accessed by the attacker.

Aside from a cyber attack, your data can be lost from theft, natural disasters, accidents, hardware damage, and more. You’ll want to have multiple backups of your data in a few different locations to combat this. A few different locations usually means on-site, off-site (like your MSP’s office), and the cloud. This will ensure that if the backup on-site is also encrypted you are still able to restore your data with one of the other backups.

And it’s not enough to just have backups. You need to ensure your backups are working properly. So don’t forget to test them! When testing your backups you will want to ensure you can recover all of your data, and quickly. You can do this by periodically running disaster recovery (DR) tests. A DR test examines how well your disaster recovery plan works. How fast were you able to restore data and resume normal operations? Were you able to restore all of your data correctly? Is any of it missing, corrupted, or formatted incorrectly? You can use this test to note what worked well, what slowed down your recovery time, whether there was a lack of communication, and any other parts of the process that could be better optimized.


Be Proactive

Don’t take a back seat on protecting your data from ransomware. Instead, be proactive by preventing cyber attacks before they happen.

This can be done by monitoring your network for potential threats and vulnerabilities 24/7.

Look for any devices connected to your network that shouldn’t be there or that you don’t recognize.

Ensure all supported devices receive their necessary updates. This includes updates to applications such as Microsoft Word and Adobe applications, as well as updates to your operating system. Hackers will find any way to get in, and many times it’s up to the user to update their apps if the vendor does not. So accidentally missing an update is a very easy way for hackers to get in. And you don’t want to make it any easier for them by letting an update pass you by.

Using great cyber-hygiene practices throughout your organization is another proactive way to prevent ransomware attacks before they happen. Examples include enabling two-factor authentication for all accounts and devices, changing passwords quarterly, and not using the same passwords for work and personal accounts. More on educating your staff on cyber-hygiene below.


Educate Employees

Educating your staff on proper cyber hygiene habits is crucial to the security of your business. Just one mistake is all it takes for your business to be the next victim of a ransomware attack. Just one. This is why it’s so important to take security awareness training for your staff seriously. While this may sound complicated or time-consuming it doesn’t have to be.

 

There are many ways you can go about educating your staff on not only safe cyber habits but also the importance of them. This helps to ensure that training and education are taken seriously every day. Try to relate the importance of this training to their personal life. If your staff can get in the habit of practicing good cyber hygiene at home these practices will follow into their work routine, as it becomes second nature and not just another protocol they are told to follow.

 

Another best practice in educating your staff about security awareness is to relate the training to their job functions as much as possible. For example, your sales team might not need the exact same security training as someone from accounting because job functions, responsibilities, and the software look different in these departments. The more the training relates to what an employee does daily, the more adaptable and interested in the training they will be. You wouldn’t want to complete an exercise, course, quiz, or watch a video that does not pertain to you at all, would you? If you had to, just think about how much you would zone out, all the times you would ask yourself “Why does this matter to me?”, and how little of the material you would retain. You don’t want your time wasted, so why waste others’?

 

The above works best when the security training is more in-depth and specific to certain departments, and not for a general overview of security awareness training.

 

Free security awareness training resources:

(Quiz) How Well Can You Spot a Phishing Email?

(Video) Spotting Phishing Emails

(Blog) Tips to Help You Stay Safe Online

(Podcast) [Pt.3] What Should You Do to Fight Back Against Cyber Attacks?


Help From An MSP

Fortunately, a managed service provider (MSP) can be your knight in shining armor when it comes to keeping your business secure from ransomware. Without an MSP or an in-house I.T. professional you most likely have no one monitoring your systems. Therefore, you respond only once a ransomware attack has happened to your business. This is a reactive approach. An MSP takes a proactive approach, meaning your systems are constantly being monitored for potential threats. From there, the risk can be mitigated before the attack happens. Stopping a problem like ransomware before it happens sounds a lot better, and like a lot less of a headache, to me than dealing with the issue after it has happened.

 

As mentioned earlier, the importance of security awareness training for your staff is crucial to prevent ransomware and other cyberattacks. Again, your knight in shining armor to the rescue. Partnering with an MSP that offers such training is very beneficial to you. That’s one less thing for you to have to worry about. If you’re in Michigan, check out Omega Computer Services.

 

Another reason partnering with an MSP helps your business to stay protected from ransomware is through a backup and disaster recovery solution. An MSP will make sure your data is backed up regularly, and in multiple locations to ensure your data is protected at all costs. Backups and disaster recovery plans are tested to ensure they will not fail and to get your business back on its feet as soon as possible if the worst-case scenario does happen.


Bringing It All Together

There is never a 100% foolproof method for preventing anything, and the same is true for ransomware. However, by taking into account everything mentioned throughout this post, you are greatly reducing your risk of becoming a victim of a ransomware attack. Not to mention, you are making it that much harder for the hacker to be successful. With so many easy targets out there, why would an attacker take more time to successfully launch a ransomware attack on your business than on one not implementing any security measures or one with open doors into their systems?


 