RANSOMWARE - Invisible Enemy to Your Business
Be sober; be vigilant. Your adversary, the devil, prowls around like a roaring lion, seeking someone to devour.- I Peter 5:8
What is Ransomware?
Ransomware is a type of malicious software, also known as ‘malware,’ which restricts access to systems or data and/or exfiltrates data. There are several ways a cybercriminal can deliver ransomware to affect your computer network or systems or encrypt your data in exchange for a ransom payment. The most popular way is through a phishing email, either by clicking a link or downloading an email attachment. Once activated, it can take over a computer or even an entire network; then, you are at the mercy of cybercriminals.
Ransomware attacks are on the rise
According to recent Verizon’s data breach investigation report, 70% of the data breaches were caused by a Ransomware attack. In fact, according to the National Cyber SecurityAlliance, 60% of small businesses close their doors within six months of falling victim to a data breach or cyberattack. With both the financial security and the future of your business on the line, organizations of all sizes must have measures in place to monitor suspicious network activity and should enhance data security.
I Am a Very Small Fish in the Big Ocean, why should I worry about Ransomware?
That’s exactly why you are a target of cybercriminals because your small business or organization probably doesn’t worry about cybersecurity. Most of the smaller organizations convinced they’re too small to be ransomware targets are mistaken.
One of the Not for Profit in Chicago was hit with a ransomware attack when the employees booted up their PCs, and they were greeted by a skeleton head on their screens and a demand for $100,000 in Bitcoin. SURPRISE!
Like thousands of ransomware victims whose stories never made a headline, unfortunately, many not-for-profits or even small businesses are unaware that they have a critical infrastructure that they should defend and protect. After the ransomware attack, this Chicago-based Not-For-Profit recognized that it had critical infrastructure but no trained cybersecurity personnel or comprehensive data recovery and business continuity plan. And it did not have the means to pay a ransom.
How Ransomware is used?
Cyber criminals hold systems or data hostage until a ransom is paid for a decryption key. Cyber criminals also threaten to publish exfiltrated data or sell it on the dark web.Increasingly, Cybercriminals request virtual currency transfers as a ransom payment method.
Prevention is better than cure, sounds familiar?
Small businesses or Not-For-Profit scan protect against ransomware using several common-sense methods. It’s also worth investing in Endpoint Protection software and other basic security measures. Even Ransomware often easily bypasses the basic Antivirus software, and you should always consider upgrading to the Next-Gen Realtime Endpoint Protection software.
Basic security measures you can take include:
Train all employees in cyber awareness
Believe it or not, some employees still keep passwords on Post-it Notes attached to their monitor screens or on an excel spreadsheet or saved on a notepad. Today’s interconnected remote workforce makes every employee part of the security apparatus. Employees can be important data defenders, provided they have the right information and education. Train employees to safeguard their login credentials, ideally with Multi-Factor Authentication (MFA), to confirm their identities. There are varieties of software out there that will help your employees to safeguard their login credentials and will help them to maintain good password hygiene; some of them are LastPass, Password1, Bitwarden etc.,
Firewalls
The first step to improving your internet defence is to secure your network perimeter with a firewall. Ensure your firewall is configured to block access to known malicious IP addresses. If your organization uses point-of-sale systems, then isolate your point-of-sale(PoS) systems from the Internet and segment them from other areas of the corporate network with a firewall.
User Permissions
The first step to improving your internet defence is to secure your network perimeter with a firewall. Ensure your firewall is configured to block access to known malicious IP addresses. If your organization uses point-of-sale systems, then isolate your point-of-sale(PoS) systems from the Internet and segment them from other areas of the corporate network with a firewall.
Patches
Every threat assessment starts with an inventory of operating systems, software and firmware. Updates will protect a computer network against known vulnerabilities. Consider using a centralized patch management system.
Backups
Every organization needs reliable backups and, just as important, a business continuity plan to bounce back from a cyber-attack. Organize a cyber incident response team and do penetration testing to ensure critical infrastructure is protected. Be proactive with your cyber response, not reactive.
These basic defences are only a start. Without real-time monitoring of network traffic, organizations remain exceptionally vulnerable. Because 100% prevention isn’t affordable or feasible, systems must be in place to detect infiltration and respond before the damage is done.
Comments