So, by now you have hopefully heard about ransomware and what it can do to you and your computer if you are unfortunate enough to become a target. If you would like a refresher, check out one of our previous blogs, which talked about ransomware.
"Ransomware infection" and "business" are two things you don't want to hear in the same sentence, yet we are still hearing in the news that businesses are falling victim to these attacks almost daily. So why is this?
Why are businesses not prepared for a cyber-attack?
Ransomware is the ultimate profit tool for cyber criminals: it generates high margins and high click-through rates on the phishing emails that deliver it, especially when campaigns target SME-type businesses. Why is this? Users are still naive when browsing the internet; they are too trusting, and all too often they will click on an image or open an email attachment without first asking whether it is legitimate. By then it is too late and the malware has been planted on the machine in question.
In a recent survey of UK businesses, over one third of those questioned had suffered a ransomware attack of some sort, and 31% admitted they would rather pay the ransom than lose the data that is core to running the business.
The problem with simply paying the ransom is that there is no guarantee you will receive the keys to decrypt your data, and even if you are sent keys there is no guarantee they will work, because the criminals already have their money.
Worst case scenarios
So how dangerous is ransomware? On a single machine it is an annoyance: it affects one user, and some data you can live without. But if the infection spreads across the business, reaching senior staff members' machines or, worse still, the servers, your entire business may be held to ransom.
Imagine that all your files and applications are offline and your business cannot operate until you pay the ransom; that could be days, or the data may never come back. Would you be able to recover from this? Could your business go back to working with pen and paper and no email? The majority of small businesses would be seeing the writing on the wall and closing up shop if this happened.
When was the last time you actually tested your disaster recovery (DR) plan, or reviewed your business continuity policies? Now may be the time to look at this.
How to educate businesses on ransomware?
If your business has not already achieved Cyber Essentials or ISO 27001, it may be worth your senior management having a look at them. Working towards these certifications forces your business to implement security best practices and narrows the entry points for ransomware infections.
Sending your IT staff on cyber security courses also helps educate the business and ensures that those best practices are actually put in place.
However, as a baseline, your business should be implementing at least the following as standard.
- Always ensure all your files are backed up, with a copy stored offsite and offline or otherwise unreachable from your network (a backup drive that stays mapped to an infected machine is just more data for the ransomware to encrypt), and test that you can actually restore from it. If the worst happens, you can fall back to your backups instead of paying the ransom.
- Always ensure you have anti-virus and anti-malware protection enabled on every machine and that its signatures are updated at least daily.
- Implement a cyber security user awareness training policy: hold regular talks about staying safe and not clicking on links or opening attachments without thinking, and cover social engineering and phishing attacks, for example.
- Remove local administrative access from all workstations and ensure people do not do their day-to-day work logged in as administrator/root. Malware then runs with only the user's own privileges, which limits (though does not remove) the damage it can do: it can still encrypt the files that user can reach, but it cannot install itself system-wide or disable your protection as easily.
- Ensure there is a software update policy, and that all operating systems and third-party software are patched regularly.
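The backup point above, and the earlier question of when you last tested DR, come down to one check: can you actually restore? The script below is an added example, not part of the original post, that takes a backup of a directory, records a sha256 manifest of every file, and then proves the archive restores by unpacking it into a scratch directory and checking every file against that manifest. It also rehearses the failure case, a truncated archive, and confirms verification rejects it. It assumes a Unix host with GNU tar and coreutils (`sha256sum`, `sort -z`); the directory names and sample files are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): back up a directory, record a
# sha256 manifest, then PROVE the backup restores by unpacking it somewhere
# fresh and checking every file against the manifest. Assumes GNU tar/coreutils.
# All paths and sample files are constructed for illustration.

# make_backup SRC_DIR ARCHIVE
# Writes ARCHIVE (tar.gz of SRC_DIR) and ARCHIVE.sha256, a manifest hashed from
# the live data so a later restore is judged against the source, not the archive.
make_backup() {
    src="$1"; archive="$2"
    tar -czf "$archive" -C "$src" . || return 1
    ( cd "$src" && find . -type f -print0 | sort -z | xargs -0 sha256sum ) > "$archive.sha256" || return 1
}

# verify_backup ARCHIVE MANIFEST
# Restores ARCHIVE into a scratch directory and checks every file in MANIFEST.
# Returns 0 only if the archive unpacks and every hash matches; a truncated or
# tampered archive, or a missing file, returns 1. The scratch dir is removed.
verify_backup() {
    archive="$1"
    manifest="$(cd "$(dirname "$2")" && pwd)/$(basename "$2")"   # absolute path, survives the cd below
    scratch="$(mktemp -d)" || return 1
    status=0
    if ! tar -xzf "$archive" -C "$scratch" 2>/dev/null; then
        status=1      # damaged media or corrupt archive: nothing to restore
    elif ! ( cd "$scratch" && sha256sum --check --quiet "$manifest" 2>/dev/null ); then
        status=1      # a file is missing or its content differs from the source
    fi
    rm -rf "$scratch"
    return "$status"
}

# restore_drill
# A rehearsal on constructed sample data: back up, verify, then damage a copy of
# the archive (simulating a failed disk or tape) and confirm the check catches it.
# Returns 0 when the drill behaves as expected.
restore_drill() {
    src="$(mktemp -d)"; out="$(mktemp -d)"
    mkdir -p "$src/finance"
    printf 'invoice,amount\n1001,250.00\n' > "$src/finance/ledger.csv"
    printf 'Signed contract text\n' > "$src/customer contract.txt"   # space in name on purpose

    make_backup "$src" "$out/backup.tgz" || { echo "FAIL: backup did not complete"; return 1; }
    if verify_backup "$out/backup.tgz" "$out/backup.tgz.sha256"; then
        echo "PASS: intact archive restores and matches the manifest"
    else
        echo "FAIL: intact archive did not verify"; return 1
    fi

    head -c 64 "$out/backup.tgz" > "$out/damaged.tgz"   # truncated copy of the archive
    if verify_backup "$out/damaged.tgz" "$out/backup.tgz.sha256"; then
        echo "FAIL: damaged archive passed verification"; return 1
    else
        echo "PASS: damaged archive rejected"
    fi
    rm -rf "$src" "$out"
}

restore_drill
```

Two design points worth noting. The manifest is hashed from the live data at backup time, not generated from the archive, so the check tells you the restore matches what you had rather than merely that the archive is internally consistent. And the restore goes to a fresh scratch directory, which is what a real DR test should do: restoring over the top of the live system tells you nothing about whether you could rebuild from the backup alone.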
If you want to make sure that your business has a healthy security posture, you could also contact a company like TeraByte IT, who can come in, perform security health checks and run penetration tests to try and "hack" your business the way the malicious people do, so you can see how safe you actually are.