Will Your Business Survive a Ransomware Attack?

Most Small and Midsize Businesses Won’t Survive an Attack

Ransomware attacks are on the rise. Over 46% of the world’s total attacks are targeted against the US. Unfortunately, new research from CyberCatch, a cybersecurity platform provider, shows that 75% of small- and midsize businesses would be forced to close if a bad actor demanded a ransom. It is not a question of “if” an attack will occur for most companies but “when.” You can take steps to mitigate your risk and prepare for an attack.  

To Pay or Not Pay

Even if your business decides to pay the ransomware demand, it does not guarantee that you will recover your data in a usable format. Remember, you are dealing with criminals; thus, there is no code of ethics. Per the available research, 58% of extortionists attempted a second ransom after receiving payment, and 42% did not decrypt the files after payment, so the data was still unusable. Furthermore, if you pay in Bitcoin, the transactions are public and traceable. If used for any illegal transactions, they could be traced back to your business.

Even if you pay and recover your data, it takes an average of 16.2 days to remediate an incident. Think about having your business interrupted for more than two weeks. Not to mention the damage that is done to your reputation and inability to service your customers. The devastation done to one Illinois College is causing them to shut down indefinitely. In Michigan, Kalamazoo Community College was forced to close its campus after an attack. These are just two recent examples of attacks.

What Happens if Attacked

If your business becomes a ransomware target, these steps can help your business survive.

Assess the attack

Take a picture of the infected device’s screen before unplugging it. Pay attention to the payment deadlines or the number of days. Many times, the longer it takes to pay the ransom, the more the ransom demand. Check all of your systems to see if your network is compromised or if the attack is localized.

Immediately call your experts

This could be your internal IT team or a trusted IT vendor to supplement your team. In addition, if you have cyber insurance, contact them, and you may want to involve local law enforcement.

Determine the data you can recover

once you have identified what is infected, check on your backup systems to assess what data is recoverable. If you determine you need to pay the ransom to recover your data, have a clear communication plan on when and what you will pay.

Reset your systems

immediately reset all passwords. Ensure you have the latest software versions and run any patches to strengthen your security. Watch for backdoors that bad actors could further exploit.   

Do you have a Ransomware Plan?

We can help. Dewpoint has the security and infrastructure experts and experience to mitigate your ransomware risks and create a recovery plan in case you’re attacked. By taking simple cybersecurity steps, you can reduce the probability of an attack and its impact. Like in sports, we believe the best defense against an attack is a great offense. Contact one of our cybersecurity experts today.   

Why the Human Factor is Still the Most Important Part of IT Security

The human factor weakness

Regardless of the number of tools, software, and processes you implement, cybersecurity has one major weakness  – the human factor. Per Gartner, recent industry research shows that “22% of all breaches involved phishing, attackers leveraging stolen credentials accounted for 37% of all breaches, human error accounted for 22% of all breaches, and 30% of all breaches involved insiders”. Continuous monitoring and improvement are the keys to ensuring your human factor is no longer the most significant challenge for an effective threat prevention strategy.  

Tips to reduce the human factor

 Below are some tips to change your weakest link into your most robust in the cybersecurity fight.   

Keep IT simple

The more complex you make IT security for your end-user, the more they will find workarounds. By now, most organizations have implemented a password protocol requiring 10+ characters with a combination of letters, symbols, and numbers. The longer and more complex the password, the more likely the employee writes it down or reuses a password from another system. Think about how you can make it easier. Deploying multi-factor authentication (MFA) or two-factor authentication (2FA) may enable your organization to simplify the password requirements and add a layer of security.  

Trust no-one

We are ‘like’ family – many organizations get caught up in the employee ‘loves’ us and would never do anything to harm the company. Due to financial stress, a change in politics, or unforeseen circumstances, even the ‘best’ employee can be tempted to divulge company secrets or allow a ‘hacker’ to gain access. You can reduce exposure by implementing a zero-trust policy, where you trust no one and limit all users to minimal access – only enough to perform their jobs. Another option is to employ a privileged access management (PAM) tool to restrict access to sensitive accounts. Finally, make sure your organization has auto-monitoring to alert you if your system is attacked from the inside. The sooner you find out about the attack, the more you can control the damage.

It’s All About Education

Security awareness training should be more than a yearly task that employees need to complete. It should be ingrained into their everyday routines. Think about increasing or changing the training. Although computerized classes have become the norm, your employees may just be “clicking through” to get to the end. A few in-person sessions with small groups to talk about the latest threats and reinforce how important they are as the frontline defense will make more of an impact. In addition, include testing as part of your overall IT security awareness education. Periodically send out “fake” emails to judge if employees apply what they learn. Finally, ensure your employees know who to contact in case of a ransomware attack, know the protocols to follow, and aren’t afraid of reporting an incident. Don’t assume they know what to do.

How to improve your Human Factor

Making your organization cybersecurity ‘human proof’ starts with understanding where you are today. Dewpoint can help by evaluating your current organization and making recommendations to improve your overall security posture. As a technology company, we understand the software and tools that may help take the “human factor” out of the equation. Furthermore, we are partners with cybersecurity leaders in training and also provide individual training sessions. Contact us today.