Don’t get reeled in
Are you afraid of falling victim to a ransomware attack on your business?
By Mark Rossi, president of KML Computer Services. Since 1996 he has been immersed in the technology field, working in various positions, from hardware technician and network manager to network engineer and IT consultant.
If you aren’t, you should be. Ransomware attacks have escalated at an alarming rate over the last few years. Across the world ransomware cost businesses $20 billion in 2021 and is expected to rise to $265 billion by 2031.
Why is this? It is because the criminals are the innovators, and we can only react to them.
So how can you protect yourself from ransomware?
Let’s look at some ways ransomware can enter your system:
•An unsecured network where a bad actor breaks into your system and inserts
malware that takes immediate effect or, more likely, sits dormant in your system
until they are ready to execute.
•An employee clicks on a link in an email or on a website that looks legitimate but is not.
•An employee acts upon an email that is spoofed with a co-worker/supervisor’s name.
•Someone on the network installs infected software from an external storage device, typically a USB drive.
How can you prevent this from happening?
•Hacks are best prevented by a strong, up-to-date hardware firewall that prevents outside attacks and has internal algorithms that can detect and stop viruses as they appear. Keep in mind that your internet provider’s router is not a firewall. A good firewall is an excellent investment in your business.
•Educating your employees on how to recognize a threatening email is probably the best way to prevent someone from clicking on the “wrong link” that installs malware that encrypts your data and sets you up for ransom. There are educational programs that not only teach about ransomware prevention but also can periodically test your employees with safe emails.
•Have a paid version of an anti-virus/anti-malware program installed on all endpoints (computers and servers). Free versions do not update the virus database regularly. Anti-virus programs not only detect and quarantine viruses, but some also identify those that are lurking undetected in the background.
•Prevent installation of external programs by locking down external-drive access.
How do I recover from a ransomware attack?
•Regularly back up your data to offsite storage that is “air-gapped” so it isn’t affected by the encryption of your on-site data. This can allow you to restore the encrypted data with a “clean” set of your data.
•Have cybersecurity insurance that can help you recover from a ransomware attack.
•Avoid paying the ransom. These bad actors are criminals and are not trustworthy even if you do pay them.
Ransomware is a real threat, no matter how big or small your business is. The bad actors are opportunists, and while they are not necessarily targeting you specifically, they will come after those who are not protecting themselves and make their lives miserable.
Don’t take the bait
Phishing is when attackers send malicious emails designed to trick people into falling for a scam. The attacker may trick you or an employee into giving sensitive information, or they may install malware like ransomware onto the computer. You may not even know that it happened…until it’s too late.
