As a child, I remember being taught how to fish by my friend’s dad. Still novices, my friend and I would get elated anytime we caught anything! Her dad, on the other hand, only went for the biggest and the best, paying no mind when he’d unintentionally snag a little guy. But with the three of us involved, all fish, big and small, were in danger of getting hooked.
Unfortunately, it’s the same way with hackers. They don’t care about the size of your company; they’re fishing for you. Small companies are even viewed as a suitable training ground for novice hackers! Every company, regardless of size or location, should be taking all preventive steps against ransomware.
What exactly is ransomware? First, hackers hang around your system, watching your company’s actions. Then, they steal and copy your data to the Internet. After that, when you aren’t expecting it, they put malicious software into your computer system and encrypt your data, rendering the system(s) inaccessible.
In the Colonial Pipeline attack, the hackers got in via a compromised VPN password with no multi-factor authentication protecting it! They can also gain access through phishing, insecure remote access points, exploiting passwords, and/or watering holes (when anyone who visits a compromised site gets hit). Their end goal is to get paid for returning access and keeping your data unexposed on the Internet. Unfortunately, once you’ve been attacked and ransom is demanded, it’s a vicious cycle to get out of. Therefore, preventative steps are key. Without them, you may as well be flopping right out of the water into the fisherman’s hands.
Ransomware is, unfortunately, ever-evolving and ever-intensifying, thanks to COVID. When everyone began working from home and slowly switched to a hybrid schedule, the number of ponds to fish at increased. Now, hackers can not only fish for access at your office, but also everywhere your employees work remotely! In 2020 alone, ransomware attacks in the U.S. rose over 300%. Now, you must protect all the places your employees work from on a day-to-day basis!
If that isn’t reason enough to put preventative steps in place, there’s yet another moving piece to consider. You can no longer assume your insurance company will cover paying the hacker to return your data unpublished, or cover restoring any damaged data. In the past, companies would get attacked and quickly pay the ransom, relying on insurance. We’re learning, though, what a negative cycle this is to fall into. Consider this:
- There’s no guarantee they’ll restore your data or system, or leave it unpublished.
- They may attack your company again, knowing you paid in the past.
- The ransom could fund more illegal, malicious activities.
- Hackers’ demands shouldn’t be met.
- Last but not least, it encourages more attacks. They want to keep getting paid!
Because of that, both insurance companies and the federal government are allowing fewer and fewer ransom payouts. They’re doing this in a few ways:
- Insurance companies are ramping up what they expect from customers in terms of preventative measures, including demanding certain basic security measures be met. If those requirements aren’t met, then they won’t cover the payout.
- They’re limiting what they’ll cover and changing what they’re charging customers, from the get-go. AXA, a large insurance company in France, is already doing this.
- The federal government has prohibited dealing with a specific list of hackers, referred to as Specially Designated Nationals. If you pay the ransom, you could get in trouble.
So, what can you do to stop attacks in the first place? One of your business goals should be to immediately invest in strengthening your cybersecurity. This should include putting in place multiple layers of defense and redundant practices. Below you’ll find action steps that we’d love to partner with you in getting done!
If this is overwhelming you, we’d love to provide you with information technology services, including:
- We remotely monitor your network 24/7, 365 days a year, to keep critical security settings, virus definitions and security patches up to date.
- We do periodic restores of all your backups to make sure data isn’t corrupt and is restorable in the event of a disaster.
- We provide regular security audits of your networks.
- We test your employees for security awareness and phishing susceptibility.
- We help you avoid becoming a victim of watering holes.
To learn more about working with us, fill out our contact form here or text/call us at 302-529-3700! If your managed IT services are already through Partners Plus, let’s discuss including the security package or leveling up your membership! Lastly, if you’re wondering whether your current IT support is sufficient and effective in combating this, consider our article.
With hackers being nondiscriminatory in their attacks, small- and medium-size businesses need to prepare. Deputy Attorney General Lisa Monaco said it best: “The threat of severe ransomware attacks pose a clear and present danger to your organization, to your company, to your customers, to your shareholders, and to your long-term success. So, pay attention now. Invest resources now. Failure to do so could be the difference between being secure now, or a victim later.”
Addition: This article’s last paragraph succinctly summarizes the importance of being proactive and prepared: Read about how.