How Can We Protect Our Company from a Ransomware Attack?

One of the most disruptive and devastating forms of malware a company can face is a ransomware attack.

Ransomware is the digital version of kidnapping, only in this case it’s all your files that are taken away through encryption. The similarity is that the attacker requests a ransom before they’ll give you access back to your files.

And we’re not just talking about a few files on a hard drive. Ransomware attacks take out just about everything, including cloud databases. Most attacks bring an organization to a standstill because it can’t access data in any of its applications.

In April of 2020, the Parkview Medical Center in Pueblo was hit with ransomware and was unable to access the system that stored patient records. Staff had to revert to using paper forms, slowing down critical health care services.

Why is Ransomware So Dangerous?

Without the right data and network security, companies can pay a pretty high price for a ransomware attack. It’s not only the cost of removing the ransomware itself and restoring a backup (or paying the ransom); it also involves the cost of downtime, which can be even more significant.

Here are a few reasons ransomware should be on your company’s security radar:

  • The payoff is getting better: When something is working for criminals, they keep doing more of it, and by all accounts, ransomware is working. The average ransom demand per incident rose from $5,900 in 2019 to $8,100 in 2020.
  • Downtime costs are rising: The average downtime cost for ransomware victims is also rising. Ransomware downtime costs per incident more than doubled from last year, rising to $283,800 in 2020.
  • Ransomware often targets cloud services: Ransomware isn’t only a concern for on-premises data, it also targets data in cloud-based applications. Top cloud targets include Dropbox, Microsoft 365, G Suite, Box, and Salesforce.

Here’s How to Safeguard Your Data Against Ransomware 

When it comes to ransomware protection, just as with most cybersecurity strategies, a multi-pronged approach provides the strongest defense. 

Here are some of the ways to avoid becoming a ransomware victim.

User Cybersecurity Awareness Training

36% of the successful ransomware attacks in North America are due to lack of proper cybersecurity training. 

Phishing remains so prevalent because it works. It employs deceptive methods such as email spoofing that fool users into believing an email is legitimate, so they end up clicking a dangerous link or opening an attachment that contains ransomware.

Users should be trained on a regular basis (not just during onboarding) on how to spot phishing, as well as on other data security topics, like password safety.

Smart and aware users can stop a ransomware attack from ever happening by being vigilant as they go through their inbox and adopting good cybersecurity best practices. 

Use Anti-Phishing & Anti-Spam Safeguards

The main delivery vehicle for ransomware is spam and phishing emails. 67% of ransomware in North America is sent this way.

In addition to user training, reducing the number of risky emails in a user’s inbox can also help you prevent a ransomware attack. You can do this by adopting anti-phishing/anti-spam applications. 

Have a Solid Backup & Recovery Strategy

If no one ever paid a ransom, then ransomware would go away pretty quickly. But unfortunately, a majority of victims will typically pay the ransom. This is for two main reasons:

  • They don’t have a backup and it’s the only way to get their data back
  • They have a backup, but the data recovery takes too long, and they need to mitigate downtime costs

46% of small & medium businesses have dealt with ransomware attacks and 73% of them paid the ransom.

Having a solid backup and recovery strategy is your best insurance against suffering high costs from a ransomware attack. And by “solid” we mean one that has a fast data recovery mechanism.

If you have a backup and recovery plan in place, then when an attack happens, you can quickly have your IT professional clean the ransomware from your system and restore all your data, getting you back up and running without having to pay a ransom (which further encourages the attacker).

Use Advanced Threat Protection (ATP)

Ransomware takes over data in various files and executes an encryption command that makes it unreadable. An advanced threat protection system that restricts how programs can execute, and which ones can access your files, can stop ransomware from being released after it’s been downloaded.

ATP systems can be put in place for on-premises firewalls as well as cloud solutions. They do things like:

  • Application whitelisting (only allowing approved programs to run)
  • Behavior monitoring 
  • Quarantining emails suspected of email spoofing
  • Application ringfencing (protects sensitive applications)
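
To make the behavior-monitoring item concrete, here is an added example (not from the original article or from any ATP product) of one signal such a monitor can use: a single process writing encrypted-looking, high-entropy content to many different files within a few seconds. The function names, thresholds, process names and file events are all assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: near 8.0 for encrypted data, much lower for plain text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def flag_mass_encryption(events, window=10.0, min_files=3, min_entropy=7.0):
    """Return processes that wrote high-entropy content to at least
    `min_files` distinct files within any `window`-second span."""
    hits = defaultdict(list)  # process -> [(timestamp, path)] of suspicious writes
    for ts, proc, path, written in sorted(events, key=lambda e: e[0]):
        if shannon_entropy(written) >= min_entropy:
            hits[proc].append((ts, path))
    flagged = set()
    for proc, writes in hits.items():
        start = 0
        for end in range(len(writes)):
            # Slide the window so it never spans more than `window` seconds.
            while writes[end][0] - writes[start][0] > window:
                start += 1
            if len({path for _, path in writes[start:end + 1]}) >= min_files:
                flagged.add(proc)
                break
    return sorted(flagged)

# Constructed sample data (not real telemetry).
PLAIN = b"Quarterly report: revenue was up this period.\n" * 30
CIPHER = bytes(range(256)) * 4  # uniform bytes, a stand-in for ciphertext
SAMPLE_EVENTS = [
    (0.0, "winword.exe", "C:/docs/report.docx", PLAIN),
    (0.0, "backup.exe", "D:/bk/mon.zip", CIPHER),   # slow, spaced-out writes
    (30.0, "backup.exe", "D:/bk/tue.zip", CIPHER),
    (60.0, "backup.exe", "D:/bk/wed.zip", CIPHER),
    (2.0, "unknown.exe", "C:/docs/a.docx", CIPHER),  # burst of rewrites
    (2.5, "unknown.exe", "C:/docs/b.xlsx", CIPHER),
    (3.1, "unknown.exe", "C:/docs/c.pdf", CIPHER),
]

if __name__ == "__main__":
    print(flag_mass_encryption(SAMPLE_EVENTS))
```

The backup job also writes high-entropy archives, but its writes are spread out, so only the burst is flagged; entropy alone cannot tell compression from encryption, which is why the rate and file-count conditions matter.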

Ensure Your Company Doesn’t Become a Ransomware Victim

Does your business have all the needed safeguards in place to stop ransomware? B-Comp Services can do a security review and recommend measures to fill any gaps in your cybersecurity. 

Contact us today for a free IT security consultation at 303-282-4934 or through our contact form.