7 Essential Tips to Combat Ransomware

Dec 7, 2021

A record-setting year

According to cybersecurity experts, there were two pandemics last year: one was COVID-19 and the other was cyber fraud. The FBI Internet Crime Complaint Center reported that in 2020 alone there were more than 790,000 complaints about cybercrime, which equaled a total loss of 4.2 billion dollars. Ransomware was a major reason for this record-setting year, and it’s no surprise that it has been declared the fastest-growing cybersecurity threat. In fact, on July 15, the White House established a ransomware task force, just two months after issuing an executive order declaring cybersecurity a national priority.

The basics

In this post, I will explain how ransomware works and what cybersecurity measures you can use to protect your business from an attack. Put simply, ransomware is a form of malicious software that hackers try to install by infiltrating a business’s computer network through phishing schemes, unpatched equipment, or stolen credentials. Once the ransomware is installed, it locks you out of your system by encrypting your data, making it inaccessible. You will not be able to regain access until you receive a decryption key from the hackers, who will demand a ransom payment and will often exert pressure by threatening to sell or leak your sensitive information.

 

Here are seven cybersecurity measures that should be implemented to protect against an attack.

 

Train employees

First, train staff to spot red flags. This includes teaching them to be suspicious and to think before they click on unknown or unexpected links or attachments. Your greatest risk of a security incident lies with your staff, so training alone can decrease your risks substantially. If you work with a third-party IT provider, they should be bringing this up to you.

Best practices

Second, follow cybersecurity best practices, such as routinely patching and updating software and equipment, using multifactor authentication, using email notices to distinguish external conversations, and requiring employees to update their passwords regularly. Often, companies are left open to attack simply because they neglect to follow basic best practices.

Backups

Third, be sure to back up data and files regularly. Follow the 3-2-1 backup strategy so you have 3 copies of your data, in 2 different formats, such as disk and tape, with at least 1 copy of the backups stored off-site. This ensures you can quickly restore your critical business systems if you choose not to pay the ransom.

Limit access

Fourth, know which vendors have access to your network and files, and be sure to cut off their access as soon as it is no longer necessary. Keep in mind that if they get hacked, they could be opening your company up to a cyberattack. Discuss their cybersecurity practices to ensure that they meet or exceed your standards and that their services follow industry standards and applicable laws. This will ensure you have legal recourse in the event of any breach. Be cautious about who you do business with, as some companies completely neglect to secure your data.

Response Plan

The fifth protective measure is to be sure you have a cyber incident response plan to allow for the effective management of what can be an intense and chaotic situation. The plan should establish an incident response team that specifies each individual’s role, and it should include your IT expert and legal counsel to protect your cyber and legal interests.

Insurance

Sixth, make sure you have cyber insurance coverage. Speak to your insurance broker to determine whether your coverage amounts are sufficient based on potential risks. While insurance cannot repair your company’s public image, it can at least help reduce the punitive

Partner with the right IT experts

Lastly, it is important to remember that your IT staff may not have the training or skill set required to protect you from cyber-attacks. If you have internal IT staff, you should ensure that they are expanding their skill set yearly through training. Having a third party do a security audit annually is a worthy investment. When working with an MSP (Managed Service Provider), take the time to ensure they have a proper security program in place, not only for their clients but internally as well.

How concerned should you be?

Remember that there is no silver bullet or magic pill to combat ransomware. The key is to be proactive and diligent. This threat is very real and could very well impact you or your business at some point. When determining your level of concern, ask yourself: Can I afford to lose my data? How long can my business go without its computer systems? How would our customers view us if we had a cybersecurity incident? Can I afford a $50,000+ ransom?
