Another day, another ransomware attack, each one seeming bigger and bolder than the last.
You may be thinking that you do not have anything to worry about because you are just a small company who does not have any secret data. Besides, your staff does not go to shady websites, and they know better than to click on links.
Unfortunately, easy targets make easy money for these syndicates, and your money spends just as easily as the next guy’s.
Gone are the days when you could easily avoid obvious requests from people in faraway lands, princes who just need your help (and bank account info) so they could get what was rightfully theirs. Cyber criminals are getting more sophisticated by the day.
The most recent attack came through another supply chain targeting a popular software from Kaseya typically utilized by managed service providers, which ironically is supposed to strengthen the user’s security posture, not weaken it. According to The Washington Post, Cybersecurity researchers call this “potentially the largest ransomware attack ever.”
At this point the question is not if there will be another attack, but when. The FBI logged 21% more ransomware complaints in 2020 than in 2019.
Every company in America (and the world) needs to accept the fact that they are a potential target. It is not just Fortune 500 companies or top-secret contractors who are affected. Here are a few first steps to take to prepare yourself:
- Educate your staff – A great place to start is to educate yourself and your staff about the landscape of current cybersecurity threats. Cyber criminals are constantly looking at ways to exploit human nature, and so the first line of defense is the human element. Cybersecurity awareness training can go a long way to help your staff know what to look for and thus help prevent them from falling victim. Having staff think twice before clicking on any links or attachments is always a good thing.
- Backup plan – Make sure you have a robust backup plan for important company data, ensuring that backups are stored off-line or otherwise protected from your network. It is also important to check your backups/restores periodically to ensure you can recover from an incident.
- Response plan – Have a plan/process documented (and practice it) so that your staff knows what to do in the event of an incident.
- Updates/patching – Ensure that company computers, equipment, software, and applications are regularly patched and updated. As vulnerabilities are discovered, vendors release updates and patches to “plug the holes.” Many times, it is the unpatched, known system vulnerabilities that are exploited.
- Employ tools/tech when possible – Putting into place things like firewalls and intrusion detection/prevention systems and coupling them with event and incident management software can help quickly alert your staff that something is amiss.
- Consider implementing some sort of cyber security framework – There are several cybersecurity frameworks available with which a company can start bolstering their security posture. The NIST Cyber Security Framework (CSF), Center for Internet Security (CIS) Controls, Cybersecurity Maturity Model Certification (CMMC), and ISO/IEC 27001 are a few of the available schemes.
There is no foolproof method to guarantee that you will not become victim to ransomware. The companies in the latest attack were proactively trying to protect their systems and still got burned. A company’s main goal should be to prevent becoming infected in the first place through education and in-depth defense of its information system.
But if your defenses fail, you want to have a plan in place to recover your data and get back on-line as quickly as possible. If you or your company gets hit with ransomware and you are not prepared, you are basically left with two options: pay the ransom or lose the files. That is, unless you have prepared and have implemented a strong strategy/plan.
Curious about your company’s cybersecurity posture? Contact DCS and let our staff help you prepare.