
Build These Five Habits To Reduce The Risk Of Ransomware

By David Emm | June 22, 2021 | Updated: January 18, 2023 | 5 Mins Read

Following a spate of high-profile attacks, it is all too easy to consider ransomware as a threat more for large, well-known businesses. Research, however, suggests this is far from the case. There are plenty of reasons for small or medium businesses (SMBs) to be proactively approaching the issue of ransomware. With some 35% of SMBs hit by a ransomware attack in 2020, at an average cost of $183k, this is a trend that shouldn’t be ignored.

SMBs can no longer treat cybersecurity as a lesser priority compared to other business issues. Pre-emptively securing your business, as well as building a plan, is now essential for business continuity. This is to say, if the threat of ransomware isn’t on your radar, you are putting your business and its data at substantial risk.

In light of the recent Anti-Ransomware Day, here are some key measures and best practices for businesses.

  1. Back-up systems as an ongoing process

Making system backups should be a regular process, and ensuring they are up to date and accessible is vital. Keep them on devices not connected to the corporate IT network; that will keep data safe if the entire network is ever compromised. Also ensure you can find and invoke backups quickly in case of an emergency. This is great practice for any number of situations, not just ransomware. Think of it like being able to go back in time to before any incident caused loss or corruption of company data. One big benefit of this approach is that the business can continue running smoothly without the interruption of downtime.

  2. Consider updates as a cybersecurity essential

Making updates when prompted by your operating system can seem like an unnecessary pain – particularly if you’re making great progress on work or have a list of emails to send. But running an update on your OS or business software can deliver critical security updates, as well as features that may just make the work you’re doing easier. Instead of seeing it as wasted time, use it to stretch your legs, rest your eyes, grab a drink, and come back with renewed focus – and most importantly, a secure machine.

  3. Maintain communication around cybersecurity

Knowledge is power when it comes to being safe online, so make sure you talk to your employees about the variety of cybersecurity threats they might encounter, whether that is phishing emails, untrustworthy websites, or software downloaded from unofficial sources. Make the process relaxed and informal with an ‘ask me anything’ online session accompanied by plenty of imagery and real stories to keep it engaging and relatable. If a more formal approach is needed, consider interactive training and tests to ensure staff remain vigilant, with special attention paid to employees who work with sensitive data, such as accountancy, legal, and HR.

  4. Remain disciplined with safe passwords

Not all passwords are created equal, so make sure you use strong ones to access corporate services and use multi-factor authentication to access remote services. This is particularly important for business services like accountancy, where such precautions can save data and money from accidental or deliberate actions. Take the example of a lost laptop. Most businesses are prepared for the loss of physical property, but it’s only with secure passwords that they can be reassured that data will remain secure should the laptop fall into the wrong hands.

Password managers can be an effective way of making this process easier. These software programs create, store and enter secure passwords for you, so that all you need to remember is the password to launch the password manager. This removes the burden of remembering multiple different passwords, which often leads to individuals using weak passwords, or one password across multiple accounts.

5. Plan for the worst

When instances of data loss occur for any reason, panic often ensues, with different departments assessing how it will affect them and their teams. Response and crisis communication plans will take the edge off a terrible situation if the worst does happen. See it as a shelter and a stock of supplies against a future storm that will help your business better weather it, by saving time on decision-making if an urgent response is needed.

What if the worst happens?

Ransomware is a threat to businesses of all sizes and scopes, and it remains crucial to stay vigilant. As a rule, never pay the ransom. Although this may seem like the best and only option at the time, it will not guarantee that seized data will be returned. On the contrary, it will only confirm that the perpetrators’ activity works. In order to tackle ransomware long term, we all need to do our part to show that crime doesn’t pay.

Notably, our global study of 15,000 consumers found that only a quarter of those who paid fraudsters ever got their data back. The top priorities following a data breach should be to report the crime to your local law enforcement agency or find a decryption tool online through a reputable source such as No More Ransom.

There is no magic solution for ransomware attacks, and this is especially the case after they have occurred. For businesses of all sizes, however, cybersecurity can be enhanced massively by simply cultivating good habits. By making cybersecurity a seamless part of your day-to-day operations you not only limit the potential of a vulnerability, you limit the effort required to be ‘cybersecure’. 

David Emm

David Emm is Principal Security Researcher at Kaspersky, a provider of security and threat management solutions.

David joined Kaspersky in 2004. He is a member of the company's Global Research & Analysis Team (GReAT) and has worked in the anti-malware industry since 1990 in a variety of roles, including that of Senior Technology Consultant at Dr Solomon's Software, and Systems Engineer and Product Manager at McAfee.

In his current role, David regularly delivers presentations on malware and other IT security threats at exhibitions and events, highlighting what organisations and consumers can do to stay safe online. He also provides comment to broadcast and print media on the ever-changing cyber-security and threat landscape. David has a strong interest in malware, ID theft and the human aspects of security, and is a knowledgeable advisor on all aspects of online security.

The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
