Most cyber attacks are profit-driven, and one common type of attack is something known as Ransomware. It encrypts all files on all machines in an organization, and the data is then held hostage until you pay the attackers.
Even if you agree to pay, there's no guarantee that the attackers will release the files, or that they won't share the stolen data. Ransomware is expensive and damaging to any business.
Ransomware attacks often begin with an email. Even the best security filters aren't going to stop 100% of attacks, and so the final line of defense becomes employees and associates. Is your team trained to identify phishing attacks? Are your systems fully patched and up to date?
One of the biggest mistakes we see companies make when it comes to cyber attacks is that they think it only happens to big organizations. We have seen 5-user networks successfully targeted. It can happen to anyone.
Tips to Protect from Ransomware
- Deploy email security platforms that can identify and block many phishing and fraud attempts before they arrive in user inboxes.
- Train users with a comprehensive Security Awareness program how to identify those emails that get through and what to do about them.
- Run patch management software and services across every device that has data access to your organization so they are always running the latest operating systems and firmware.
- Back up your data to locations that are separate from your network so that you could restore it if necessary.
If you are attacked, immediately disconnect all devices from the network. Contact your insurance carrier and report the incident to the authorities. Consult with your legal team and insurance provider regarding laws surrounding issues like mandatory reporting requirements. Be mindful that paying the ransom doesn't guarantee that your data will be returned, nor does it guarantee that it won't be shared.
Finally, prevention is much less expensive than recovery. Work with a qualified IT provider to harden your defenses against ransomware today.