Conventional wisdom holds that most ransomware attacks are directed at large organizations with vast amounts of sensitive data and immense financial resources. In fact, research indicates that about three-quarters of these attacks target businesses with fewer than 100 employees.
While the largest organizations across all industry sectors are certainly the most high-profile victims, two important characteristics make small to midsized businesses (SMBs) enticing targets: there are more of them, and they have far fewer cybersecurity defenses in place.
SMBs account for 99 percent of all businesses in the U.S. Although they face the same threats as their enterprise counterparts, they have nowhere near the staff, expertise and budget dedicated to cybersecurity measures. Many SMBs only have a single IT person, but that’s not sufficient to address the scale and sophistication of today’s threats.
Ransomware is easily the most significant of those threats. It is a type of malicious software that encrypts an organization’s data, making it unusable until the victim pays a ransom. According to the FBI Internet Crime Complaint Center, ransomware attacks have nearly doubled in frequency and quadrupled in financial damages over the past three years.
It’s no coincidence that ransomware growth dovetails with the pandemic-driven changes to the workplace. Remote work and the increased use of cloud services and applications create many business benefits but also open the door to attacks from beyond the traditional network perimeter.
A combination of proactive prevention and a well-developed recovery plan is the best way to deal with ransomware. Here are some of the ways you can reduce your exposure:
Increase employee awareness. Most ransomware is unleashed when someone clicks on a malicious web site or phishing email. Remind employees of these three basics: 1) Don’t open emails from senders you don’t recognize; 2) Don’t click on email links if you aren’t certain that they are legitimate; 3) Don’t open email attachments or web links unless they are expected and come from a trusted source.
Use spam filters. They scan all incoming email to prevent most phishing emails from ever reaching employees’ inboxes.
Keep software up to date. Along with phishing, software vulnerabilities are among the top ransomware infection vectors. Consistently patching and updating software and operating systems helps limit exposure.
Secure remote access. The remote desktop protocol (RDP) enables users to access company resources from a home PC using an Internet connection, but it has known vulnerabilities. Apply encryption, two-factor authentication and other security features to mitigate risk. In addition, block all remote access ports at the firewall or network gateway unless there is a valid business reason for having them open.
Back up data regularly. Consistent backup practices ensure you have a clean version of your data and files in the event of an attack that encrypts your data. You must also regularly verify the integrity of those backups and test the restoration process to ensure it is working.
Secure your backups. Ensure backups are not connected permanently to the computers and networks they are backing up. Some ransomware strains target backup environments and leave victims incapable of recovering from an attack. Safeguard against this threat by having at least one backup copy isolated in the cloud or in an offsite location.
Small businesses with limited cybersecurity resources are enticing targets for cybercriminals, but these steps can help reduce your risk. You can further boost your defenses by working with a managed services provider such as IronLogix who can provide cost-effective access to the manpower, expertise and solutions you need. Contact us to schedule a free assessment or just to discuss your security concerns.