Ransomware has been a scourge to businesses for years now, with it unfortunately experiencing a renaissance of sorts as the COVID-19 pandemic came to the fore. With increased phishing attacks and other means of spreading ransomware now taking advantage of the ongoing situation, it is all the more important that these attempts can be identified and mitigated.
In so many words, ransomware is intended to make the cybercriminal money, deriving financial gains by encrypting data and demanding a ransom in exchange for the key to decrypt it (although these keys are rarely actually shared whether or not the ransom is paid). In pursuit of this goal, cybercriminals have become far more ambitious in who they target.
While small and medium-sized businesses are still very frequently targeted, critical infrastructures have been increasingly found in the crosshairs as of late. The attack on Colonial Pipeline caused massive supply chain disruptions, while the cybercriminal group REvil has attacked the supply chains that people rely on to get their food and—more recently—attacked software vendor Kaseya with ransomware, impacting thousands of businesses around the world and inspiring even more attacks against service providers. Considering this, it should come as little surprise that ransomware demands have inflated.
Here’s the crucial bit: preparing for ransomware requires more than just doing what you can to prevent it… it also means you have to be prepared to deal with the consequences of a successful attack.
Our first piece of advice? Find expert resources that you can lean on for assistance in dealing with either scenario. The external aid that Horne & Benik provides will help you to both resist ransomware more effectively and minimize the damage caused by any that might sneak through. Furthermore, specialized insurance is now available for businesses to help them manage the high costs associated with ransomware.
You will also need to evaluate your risk factors related to ransomware. For insurance, how large of a financial impact could you potentially face? What third-party risks are you subject to? How promising of a target could you be for an attacker seeking something, whether that’s financial gain or widespread disruption? How vulnerable are you, really?
Once these steps have been seen to successfully (something that should by no means be a one-time thing), there are two equally-important considerations to prepare for:
Obviously, the ideal situation would be for ransomware to not make it in at all, so it makes sense to do everything possible to prevent your business’ network from being infiltrated. Having up-to-date antivirus, content filtering parameters, firewalls, and the rest of the initial preventative measures in place can block a significant number of threats from making their way in. Arguably even more importantly, your team needs to know how to spot potential threats and how to handle those they do see.
Of course, nobody’s perfect, so chances are good that some ransomware variant will make its way in and take root. This makes it crucial that you are prepared and ready to minimize the impact it has. It’s very likely that contracting ransomware will require you to perform a complete data wipe, so having an isolated backup at the ready could be the very thing that saves your business.
Horne & Benik is here to help you deal with the threat of ransomware, as well as any other tech-related issue that could hinder your team’s productivity. Find out what we have to offer by calling (603) 499-4400 today.
Comments