top of page
Search
Kevin Smith

Protect Your Business Against Ransomware

What if you sat down at your desk to start work tomorrow morning and you went to open a file or run a program and you got an error? Then you tried more files and they were all broken? Then you found out others in the office were experiencing the same thing? You hear a few minutes later that one of your colleagues accidentally clicked a link that downloaded a file to their computer which then infected their computer and because security wasn't a concern their full access admin rights, which were inadvertently assigned to her through neglect, lack of understanding, improper technology setup, or some other reason, allowed that infection to spread across the business network and infect all machines and attack all files, across the entire business. What if, because the backups you thought would protect the business in a disaster, were located on a network attached device which the infected person's credentials also allowed them to access, and those backup files were also attacked. Oh, and the off-site backup storage hadn't been updated in months or years because it was done manually and neglected or no one had checked the automatic synchronization? Would your business suffer? 25% of businesses that suffer ransomware attacks end up shutting down. 66% suffer significant revenue loss. More than half suffer adverse effects. So, what can you do? This is by no means an extensive list, however you should consider the following before you suffer:

  1. Education. Simply getting this information out to employees is critical. They need to know what Ransomware is and how to prevent it. Being aware that threats not only exist but are prevalent today since most communication is digital. Strong device protection in the form of EDR (endpoint detection and response; aka next generation antivirus) combined with educating employees on safe practices, red flags, and how to respond are the first line in protection.

  2. Security Privileges. Most small businesses that do not have proper technology infrastructure and management will go with the path of least resistance and allow full access to all privileges to all users. Instead, a well designed security implementation will reduce the access that users have to create potentially devastating situations, whether unintentional or not.

  3. Backup and Recovery. Data security is important and most businesses employ some sort of solution. Many times, however, the backup systems employed fail to protect properly because of incorrect implementation, backup of incorrect data, poorly designed backup storage and redundancy, or poorly designed recovery plans. Sometimes businesses incorrectly assume that since their data is stored in the cloud that it is protected which is absolutely not the case - even Microsoft 365 doesn't fully protect all of the data stored on their systems. At the least you will want to make sure that data is stored in a disconnected and/or offline, off-site location.

  4. Updates. Most security software will automatically protect itself, so make sure this is the case. Other software and devices, however, may not and in many cases do not. For example, many firewall/routers will have unknown security exploits that are found years after the device is released. The exploits are likely fixed in future updates but will require someone with knowledge of the issue and device to update the device and fix the security hole. Without being fixed the entire company network can be compromised and the device that was supposed to protect the business instead becomes a hidden back door to anyone with knowledge of the exploit, and it's a simple thing for a hacker to find these susceptible devices. Our advice is to update software, operating systems, and network connected devices on a regular basis, especially if you have received communication that a device you use is at risk.

  5. EMAIL. This topic relates back to the first point, however since email is the number one entry point for Ransomware attacks it deserves a little more attention. Attackers utilize email because it is so ubiquitous and because brute force attacks on networks and devices has become significantly more difficult. An email is a door into a business and even if there are services employed that attempt to sniff out malicious email attachments and links, some can get through more easily than an outside attacker attempting to break through a proper firewall. NEVER click on links or open attachments from unknown senders, even if the email looks legitimate. Be cautious with emails from known senders because it is relatively easy to spoof an email address. One tactic you can use to check a link is link preview - on a computer or smartphone you may be able to hover your mouse or finger over a link to see where the link is actually sending you - it may read something like fedex.com but is actually taking you to a potentially malicious site like fed3x.com. See the difference?

Hopefully this information helps you make a step or two towards better protecting your business.


If you do not have the time, knowledge, or patience to deal with protecting your business please reach out. We at eSmith IT take security seriously can help you put protections for your business in place and will ensure that, in the unlikely event your business is attacked, you suffer no adverse effects.

37 views0 comments

Recent Posts

See All

Comments


bottom of page