How Businesses Can Protect Themselves Against Ransomware Attacks
If you’ve been paying attention to the news at all lately, you’ve likely heard about ransomware attacks against large organizations like Microsoft, Colonial Pipeline, JBS Foods and more. But small to medium-sized businesses should be cautious as well.
Ransomware attacks typically involve the encryption of data followed by a demand for payment in exchange for restoration. They can be extremely costly and disruptive to the operational resiliency of an organization.
These guidelines can protect businesses against a variety of threats, including ransomware attacks.
Protecting the business
It’s important for business leaders to be aware of the impact of ransomware attacks against their organizations. If your business relies on information systems to operate, then you’re at risk! The guidelines below can help prepare your business for and possibly prevent such an attack:
Avoid phishing scams – The majority of ransomware attacks start with phishing emails. This means that employees are the first line of defense against ransomware attacks. Make sure that employees are aware of the risks of phishing attacks and know how to detect and prevent them. Also, use email software that detects phishing emails and prevents their delivery. Google Workspace and Microsoft 365 have these features built in by default.
Safely store and transmit passwords – Use a password manager, like KeePass or 1Password. Avoid storing passwords and sensitive information in documents, spreadsheets, text files, CRMs and more. Make sure to use a secure method to transmit passwords and other sensitive information, like madpush.net.
Confirm who you’re speaking with before giving out sensitive information – Social engineering is an attempt to obtain sensitive information by people who are not authorized to access it. If you’re not 100% certain that the person you are speaking to is who they say they are, then use 2 additional pieces of non-public information to confirm their identity. This could be a customer PIN code, customer website or other private information.
Make sure all systems, websites and applications are kept up to date – Vulnerabilities in websites and other systems give attackers a way in that could not only be operationally disruptive but also embarrassing. Be sure to keep any websites and applications you use up to date to prevent such attacks.
Make sure your computer is running the latest operating system and virus scanning software – In the event that a virus is downloaded to your computer, antivirus software can prevent a catastrophic ransomware attack. Furthermore, make sure all software on your computer is kept up to date to prevent the exploitation of security vulnerabilities.
Make sure all employee hard drives are encrypted – Your computer contains a variety of sensitive information, including websites you visit, sensitive documents and passwords. You should use disk-level data encryption on your computer to protect that data in the event that the physical machine is lost or stolen. This can be done on Mac, PC and Linux.
Ensure that there are complete backups of your data, stored at an offsite location – There are many reasons to keep your data backed up. Equipment failure can happen at any time, and even cloud providers can be compromised. Keeping your data in multiple locations is the best way to ensure operational resiliency. Backups should also be tested so that you can be sure that they’re working properly and can be easily restored. One important note: if you keep your data in cloud storage (like Dropbox, OneDrive, or Google Drive), you’ll still want to back up that data at an additional location to ensure resiliency against ransomware attacks.
Use multi-factor authentication (MFA) wherever you can – Sometimes referred to as two-factor authentication (2FA), this mechanism adds an additional layer of protection should your username and password become compromised. You’ve seen this type of access control implemented on your online banking platforms. The use of MFA is extremely effective in protecting against unauthorized access, and using it protects your business against a variety of threats.
There’s always more you can do to bolster the cybersecurity posture of your business, but these guidelines are a good place to start to protect yourself from ransomware attacks. The United States Cybersecurity & Infrastructure Security Agency recently launched the website stopransomware.gov where more information and resources can be found.
Written by David Jones, Chief Information Security Officer
David Jones, Chief Information Security Officer at Madwire, has been with the company since 2010. He is a Certified Information Security Manager and holds a CISO Executive Certificate from Carnegie Mellon University. Prior to his work at Madwire, he owned and operated a successful information technology consulting business in Northern Colorado. David believes that technology adoption enables small businesses to achieve a competitive edge that was previously out of reach and he is passionate about ways businesses can protect themselves from an evolving threat landscape.