Ransomware, a type of malware that keeps users from accessing their systems or data until a sum of money is paid, is on the rise. Phishing, where a user is misled into clicking a malicious link, is still the number one way for cybercriminals to deliver payloads.
Ransomware has been around for a while and remains a top threat to organizations. A proactive disaster recovery plan can help an organization withstand a ransomware attack, but it is also important to keep tabs on the ransomware threats in circulation and to understand how they might affect your organization.
Let's start with some facts: half of cybersecurity professionals say they do not believe their organizations are prepared to withstand a ransomware attack. That is despite the fact that ransomware costs businesses over $75 billion each year, and that the average cost of a single ransomware attack hovers around $133,000.
Perhaps the scariest statistic is that three-quarters (75%) of companies infected with ransomware were running up-to-date endpoint protection.
So what is a company to do?
Adjust Security Posture
The FBI's recommendations include implementing strong spam filters that can catch phishing emails, and authenticating inbound email with Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC) to prevent spoofing of your domain.
Companies that do not use Remote Desktop Protocol (RDP) should disable it. Antivirus software should be kept up to date, firewalls should be configured to block known-malicious IP addresses, and companies should stay current on key software updates.
Most major software providers, Microsoft among them, constantly monitor for the latest ransomware variants, so companies should promptly apply the patches those vendors release.
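The SPF and DMARC records the FBI advice refers to only help if they are configured to enforce something. The script below is an added example, not code from the original article or from the FBI: it parses SPF and DMARC TXT records the way a receiving mail server reads them and reports the settings that leave a domain open to spoofing (a permissive `?all`/`+all`, a monitoring-only `p=none`, a partial `pct`, a missing reporting address). The domains and TXT strings are constructed sample data under the reserved `.test` TLD; in practice you would fetch the records for your own domain with a DNS resolver and pass them to `audit_domain()`.

```python
"""Audit SPF and DMARC TXT records for settings that permit spoofing.

Added example (not from the article). The records below are constructed
sample data for hypothetical domains; audit_domain() takes the TXT strings
directly so the check runs offline.
"""
import re

# Constructed sample TXT records (hypothetical domains, not real DNS answers).
SAMPLE_RECORDS = {
    "example-weak.test": {
        "spf": "v=spf1 include:_spf.mailhost.test ?all",
        "dmarc": "v=DMARC1; p=none; rua=mailto:dmarc@example-weak.test",
    },
    "example-strong.test": {
        "spf": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.test -all",
        "dmarc": "v=DMARC1; p=reject; sp=reject; pct=100; "
                 "rua=mailto:dmarc@example-strong.test; adkim=s; aspf=s",
    },
    "example-missing.test": {"spf": None, "dmarc": None},
}


def parse_spf(record):
    """Return (mechanisms, all_qualifier) for an SPF record, or None if absent/invalid."""
    if not record or not record.lower().startswith("v=spf1"):
        return None
    mechanisms, all_qualifier = [], None
    for term in record.split()[1:]:
        m = re.fullmatch(r"([+\-~?]?)all", term, re.IGNORECASE)
        if m:
            all_qualifier = m.group(1) or "+"  # no qualifier means "+" (pass)
        else:
            mechanisms.append(term)
    return mechanisms, all_qualifier


def parse_dmarc(record):
    """Return a dict of DMARC tag=value pairs, or None if absent/invalid."""
    if not record or not record.strip().lower().startswith("v=dmarc1"):
        return None
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            k, v = part.strip().split("=", 1)
            tags[k.strip().lower()] = v.strip()
    return tags


def audit_domain(spf_record, dmarc_record):
    """Return a list of findings; an empty list means no weak setting was found."""
    findings = []
    spf = parse_spf(spf_record)
    if spf is None:
        findings.append("SPF: no valid record; receivers cannot verify sending hosts")
    else:
        mechanisms, qualifier = spf
        if qualifier is None:
            findings.append("SPF: no 'all' term; unlisted senders get a neutral result")
        elif qualifier in ("+", "?"):
            findings.append(f"SPF: '{qualifier}all' lets any host send as the domain")
        elif qualifier == "~":
            findings.append("SPF: '~all' softfail; move to '-all' once DMARC reports are clean")
        # RFC 7208 caps DNS-lookup mechanisms at 10; beyond that receivers return permerror.
        lookups = sum(1 for m in mechanisms
                      if re.match(r"^[+\-~?]?(include:|a\b|mx\b|exists:|redirect=)", m, re.I))
        if lookups > 10:
            findings.append(f"SPF: {lookups} lookup mechanisms exceed the RFC 7208 limit of 10")
    dmarc = parse_dmarc(dmarc_record)
    if dmarc is None:
        findings.append("DMARC: no valid record; SPF/DKIM results are not enforced")
    else:
        policy = dmarc.get("p", "").lower()
        if policy == "none":
            findings.append("DMARC: p=none only monitors; spoofed mail is still delivered")
        elif policy not in ("quarantine", "reject"):
            findings.append("DMARC: missing or unrecognised policy tag 'p'")
        if "rua" not in dmarc:
            findings.append("DMARC: no rua address; aggregate reports will not be received")
        pct = dmarc.get("pct", "100")
        if pct.isdigit() and int(pct) < 100:
            findings.append(f"DMARC: pct={pct} applies the policy to only part of the mail stream")
    return findings


def audit_all(records=SAMPLE_RECORDS):
    """Audit every domain in the sample set; returns {domain: [findings]}."""
    return {d: audit_domain(r["spf"], r["dmarc"]) for d, r in records.items()}


if __name__ == "__main__":
    for domain, findings in audit_all().items():
        print(domain)
        for f in findings or ["no weak settings found"]:
            print("  -", f)
```

A `p=none` DMARC policy is the usual first step when rolling out email authentication, since it produces aggregate reports without affecting delivery; the point of the audit is to notice when a domain has stayed there indefinitely, which is what leaves phishing mail that spoofs your own domain deliverable.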
Have a Backup Plan
Companies need to stay current with security best practices. That means not keeping the only copy of sensitive data or business records on a single computer or a server in a closet. Organizations should take regular backups to the cloud or another offsite server to mitigate the potential impact of a ransomware attack.
Better yet, companies can back up to more than one location. The key is not to wait until a breach occurs to take these steps; for some businesses, a breach with no usable backup is the end of the business.
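A backup only mitigates ransomware if it is still intact and restorable when you need it, so a restore test should compare the copy against a record taken when the backup was made. The script below is an added example, not code from the original article: it writes a SHA-256 manifest of a backup set, stores the manifest separately from the data (as you would keep it with the offsite copy), and then verifies a copy against it, reporting files that are missing, modified in place, or unexpected. The backup directory, its files and the damage applied to the copy are all constructed in a temporary directory so the example runs offline.

```python
"""Write a SHA-256 manifest for a backup set and verify a copy against it.

Added example (not from the article). All paths and file contents are
constructed in a temporary directory for demonstration.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path, chunk=1 << 16):
    """Hash a file in chunks so large backups do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def write_manifest(backup_dir):
    """Return {relative_posix_path: sha256} for every regular file under backup_dir."""
    root = Path(backup_dir)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def save_manifest(manifest, path):
    """Persist the manifest as JSON; keep it outside the backup share itself."""
    Path(path).write_text(json.dumps(manifest, indent=2, sort_keys=True))


def load_manifest(path):
    return json.loads(Path(path).read_text())


def verify_backup(backup_dir, manifest):
    """Compare a backup copy against a trusted manifest.

    Returns a dict with sorted lists of files that are missing, modified, or
    unexpected relative to the manifest; "ok" is True only when all three are empty.
    """
    current = write_manifest(backup_dir)
    missing = sorted(set(manifest) - set(current))
    unexpected = sorted(set(current) - set(manifest))
    modified = sorted(p for p in manifest if p in current and current[p] != manifest[p])
    return {"ok": not (missing or unexpected or modified),
            "missing": missing, "modified": modified, "unexpected": unexpected}


def demo():
    """Build a constructed backup set, verify it clean, damage the copy, re-verify."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp) / "backup"
        (backup / "finance").mkdir(parents=True)
        (backup / "finance" / "ledger.csv").write_bytes(b"date,amount\n2024-01-01,100\n")
        (backup / "notes.txt").write_bytes(b"quarterly notes\n")

        # Manifest is written at backup time and stored separately from the data.
        manifest_path = Path(tmp) / "manifest.json"
        save_manifest(write_manifest(backup), manifest_path)
        manifest = load_manifest(manifest_path)
        clean = verify_backup(backup, manifest)

        # Constructed damage to the copy: one file overwritten, one renamed.
        (backup / "notes.txt").write_bytes(b"\x00\xffnot the original contents")
        (backup / "finance" / "ledger.csv").rename(backup / "finance" / "ledger.csv.locked")
        damaged = verify_backup(backup, manifest)
        return clean, damaged


if __name__ == "__main__":
    clean, damaged = demo()
    print("clean copy ok:", clean["ok"])
    print("damaged copy:", {k: v for k, v in damaged.items() if k != "ok"})
```

Run the verification against each backup location you keep, not just the primary one; a manifest that lives on the same share as the data it describes can be altered or deleted along with it, which is why the example stores it elsewhere.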
Train and Educate
While having the right technology and tools in place is important, users must be aware of those tools and know how to use them. It is also important to have documented security protocols and to ensure that people know what those protocols are and how to carry out the proper incident response when needed.
Additionally, employees need to be trained to spot ransomware so that they do not expose the business to an attack by mistake. Businesses should create some form of cybersecurity awareness and training program; this can stop incidents before they start, at the point where an unwitting employee would otherwise click a malicious link or open an infected attachment.
Resist the Ransom
If ransomware does hit your business, do not pay the ransom. The biggest reason is that there is no guarantee you will regain control of your systems and data. Additionally, if you have backed up your data, you should be able to recover it, though this could take some time. Ultimately, the decision is yours, but it helps to weigh the pros and cons carefully.
While ransomware is a real threat, mitigating your risk with a solid security strategy takes away some of its power. Find the right mix of preventive steps and responsive measures to keep your business safe.