This article was first published in First Voice. Written by Muhammad Yahya Patel, Security Evangelist at Check Point Software Technologies.
Ransomware is favoured by many hackers because it is quick to deploy and offers lucrative returns. Commonly, criminals gain access to high-value data and encrypt it so that it cannot be accessed without an unlock code, which is offered in exchange for cash.
However, it’s key to remember, we are dealing with criminals and there is no guarantee that once the ransom has been paid that your data will be unlocked. Some may even try to raise the stakes by launching a double or triple extortion attack, where they leak some data to increase the pressure and demand more money from individuals or organisations.
Yet few small and medium-sized businesses realise they are just as at risk, if not more so than larger enterprises. In fact, in 2022 alone, 61% of all cyber-attacks were aimed at small businesses, according to Symantec.
Part of the appeal is that small businesses retain a wealth of confidential information, from medical records to bank accounts, all of which cybercriminals can either sell or hold for ransom. The initial cost of a ransomware attack can be crippling, not to mention the additional fines you may be subject to if confidentiality laws are breached. Add to that the loss of customer trust that many small businesses rely on to compete with larger companies, and you get a clearer picture of how devastating an attack can be.
Taking action
As threat levels increase in frequency and sophistication, how can you increase your cyber resilience to prevent a ransomware attack? Here are three key steps that could make a big difference:
1. Patch regularly and keep IT equipment up to date
It may sound simple, but keeping on top of the latest software and security patches could prove invaluable when it comes to protecting your organisation against any potential cyber threats. This is especially true when you consider a recent survey by Cass Information Systems found that 80% of all bring-your-own-device (BYOD) policies in a company are not managed.
Applying updates for tablets, smartphones, laptops and PCs as soon as they are available is one of the most important steps you can take to improve security. Ensuring operating systems, software programmes, phones and apps are set to ‘automatically update’ prevents gaps in your security posture.
2. Control the use of USB sticks and external hard drives
Small businesses expect a significant proportion of employees to continue working remotely for at least part of the week. Ensuring their security is managed correctly should be your highest priority. For example, we’ve all been tempted to transfer files between colleagues or organisations using an external memory stick or USB drive, but it only takes one unsecure device to compromise an entire network.
When these sticks and drives are openly shared, it becomes increasingly difficult to track the files they contain. On top of this, how do you know who has used the device previously and where it has come from? Using endpoint protection tools, blocking access to physical ports and only allowing the use of approved sticks or memory cards can all reduce the likelihood of a breach.
3. Don’t backup data to your main server
Often companies are lulled into a false sense of security because they have a back-up somewhere, but in many cases they are saved on the same server as all of their other data, meaning it will all become unavailable during an attack.
Instead, organisations should identify essential data that their business cannot function without and have a completely isolated, off-site network backup so that when they are recovering from a ransomware attack, employees can access key files that allow them to continue with day-to-day operations.
Prepare for change
Ransomware is a growing problem and is showing no signs of slowing down. As a result, small businesses need to act now before an attack occurs. Your cyber security strategy isn’t a one-off project, it needs to be agile so that it can adapt as the threat landscape changes.
The methods hackers use are constantly evolving and as such your business needs to be prepared to change your approach at the same rate. It is essential that this becomes a priority for every small business because any delays can result in a devastating outcome.