Last week we looked at the 7 Ghosts of Cyber Security. One of these ghosts was Ransomware.
No joke here when we say that Ransomware is a particularly nasty ‘ghost’ of Cybersecurity. I know you’ve heard that term used before (probably even before last week), but let me ask you- do you think this is something you should be worried about? If you answered no, you’re WRONG and you’re probably leaving yourself open to an attack.
60% of small businesses close permanently after a Ransomware Attack
As a recap: Ransomware is a malevolent program that infects your computer and encrypts your files – essentially removing your data from your control. It is exactly what it sounds like: malware that holds your files for ransom. The digital crooks wielding this malicious software (aka malware) demand a ransom for your files back, and these sums of money they demand are exorbitant.
Here’s the thing: Ransomware can affect small businesses, large organizations, and individuals indiscriminately. It’s true that they target businesses more often because there is potentially a larger payday, but individuals have things worth holding for ransom too. I want you to think for a second about the stuff you keep on your computer: client data, perhaps financial information, passwords if you use a password manager (which you should be doing), health records if you’re a medical or dental business, and to our individuals out there- maybe family photos, important documents, banking info, etc.
Individuals have things worth holding for ransom too
So, what happens if someone hijacks ALL of that? Yep, they have essentially kidnapped every bit of information on your computer and now you can’t get it back unless you pay them a crazy amount of money. Yikes! We’re talking access to bank accounts, maybe social security numbers and birthdates, everything!
Here’s a not so fun fact: 31% of ALL US businesses close permanently after a Ransomware attack. When we’re talking only about SMALL businesses that number almost doubles, to a whopping 60%! I’ll bet most of those small businesses had the attitude of “meh- it would never happen to me.” And honestly, that kind of thinking is exactly what leads to people not taking the steps they should to secure themselves. I’m not here to victim blame. Since I can’t poke a finger at a cybercriminal and tell them NOT to engage in nefarious activity and expect it to work, the next best thing is to share how you can AVOID becoming one of their unsuspecting victims.
- Unchangeable backups: Or in “tech talk”, an Immutable Backup. This is a data file that is fixed. It can never be changed, removed, or over-written. This is an important distinction because that means the data will always be recoverable, no matter WHAT these criminal masterminds try. This data is stored both in office and offsite in a secured cloud storage (we aren’t talking Google or DropBox), and should be tested weekly.
- Detection and Response for each computer/server: Your IT people would call this Endpoint Detection and Response (EDR), which is a managed and monitored program that detects malware and ransomware. The endpoint is your computer or server. If an intrusion is sensed, your IT Service Provider can lock down your infected machine before serious damage can be done. Think of this like sucking the oxygen out of the room and sealing it with air-tight doors during a fire.
- Email Scanning at server level– We call this Strong Email in the IT industry, and it is another type of malware scanner but it is executed at the mail server level, meaning your emails and incoming transmissions are being scanned before they hit your machine! Think of this as a personal assistant who checks your mail for suspicious packages and junk mail before bringing it into your home/office building.
- Intruder Detection- or Intrusion Detection/Prevention on your Firewall. As many of you are aware, a firewall is basically like a virtual big titanium door that keeps would-be criminal hackers from entering your network and gaining access to all of your digital stuff. You want to make sure you have a program in place that can detect when someone is trying to break your door down- sort of like an alarm system- and prevent it from happening.
- Using a Secure Remote Tunnel- You may often hear the words Virtual Private Network (VPN) if you hang around computer wizards enough. Undoubtedly, they will likely harp on you endlessly about the importance of VPN’s. If you ever remote into one device from another, regardless of the reason or whether it is a personal or private device, you are ALWAYS going to want to use a VPN, especially over an open Wi-Fi network. Here’s why: if you’re digitally commuting from home to the office, using a VPN would be like driving through a secured tunnel, rather than an open 4-lane highway where anyone can see you and attempt to orchestrate an attack. We also highly discourage you from using any sort of third-party remote-in website and instead strongly urge you to use a SECURE program to do so.
Our clients rest easy knowing these measures are already in place
Okay, so what does all this mean? Most of this stuff is executed at an IT Service Provider level. ‘Wait! I thought you said these were things we can do to avoid this?’ Yes, I did. The important part is that you now have the knowledge of all these ways to prevent ransomware, and with knowledge comes power! What you can do with this knowledge is make sure that all of these safeguards are put into place in your business.
Your IT Service Provider should be able to confirm that these steps have been taken to ensure that you’re covered in the event of an attack attempt. Here at Action DataTel, we take all of these steps (and more) to ensure that you’re safe- and we also provide you with secure access for remoting into your computer from home.
If you’re already one of our clients and have questions about whether or not your plan includes all these protections, reach out and we can have a discussion over coffee. If you’re not, give us a call at 541-494-2099 to set up a free no obligation Cyber Security Assessment. We’ll rate your current level of security and your current risk for a ransomware attack.