Ransomware is a primary node for cybercriminals to inflict damage on your business. Falling foul of a ransomware attack can financially cripple your business.
Ransomware currently costs UK businesses £346 million a year, with 40% of UK companies facing five or more attacks in a single year. According to industry specialists, businesses of all sizes are targets for ransomware hackers.
Having said that, there is hope for all businesses. Despite the scaremongering emanating from cybersecurity firms and government-backed agencies, it is possible to successfully defend your IT network if you have the right cybersecurity strategy in place.
1. Email Filtering
Tackling the ransomware problem at its source can stop ransomware from getting anywhere near your valuable systems. The majority of successful ransomware attacks originate from spam emails known as phishing.
Phishing emails typically arrive in your inbox every day. Whilst most of them are easy to spot, sophisticated techniques deployed by threat actors are making malicious emails more difficult to spot.
Take spoofing for example. This technique involves an email sent to your employees which looks like its come from a trusted source – such as a client, supply chain contact, bank etc.
To reduce the threat risk, installing an email account with a strong filter helps to remove dangerous emails from landing in your inbox. This type of software identifies known threats and unusual email addresses. Some products also scan attachments and links to determine if they are infected with malicious code.
Microsoft 365 is a good example. The company’s email filtering software operates via their Exchange Online system, and your IT staff can configure the accounts of your employees. For example, you may want to prevent some members of staff from seeing or receiving emails from external sources.
2. Invest in Antivirus Software
Antivirus software is much more effective today than it was a decade ago when it was only capturing around 25% of cyberattacks. Today, antivirus software is said to be 90% effective.
Occasionally, a malicious email may slip through the cracks, or a staff member might accidentally click on a bad link when browsing or unwittingly download a pdf infected with malicious code.
Investing in antivirus software with a strong reputation for ransomware protection will be an effective means to blunt the attack. It should be noted that antivirus software will only capture code that is known to be used by cybercriminals. That’s why they are not 100% effective.
Having said that most companies don’t need to worry. New code is predominantly designed to attack corporate entities where the ransomware payday is higher. Cybercriminals demand payments in the millions.
Something else you should know. These major attacks are always blamed on s state-sponsored attacks. This suggests that malicious code that is used for attacks is programmed by the most sophisticated hackers who are paid by secret agencies and have no interest in the majority of SMEs.
The concern for SME’s however, is that the code is sold on the black market as hacking toolkits. You need to hope that your anti-virus software has been updated by the time hackers target you with the new codes.
If you ensure that all devices used by your staff are protected with a consistent antivirus, then the ransomware will not be able to spread through your company’s systems, limiting the amount of data that cybercriminals are able to exploit.
3. Reassess Bring Your Own Device (BYOD)
BYOD has been hugely popular amongst businesses for quite some time. A Microsoft study in 2013 found that 67% of people use personal devices at work. This issue has come to a head with the recent rise of public Wi-Fi hacking.
If your staff are using public Wi-Fi on devices they use at work, they are putting your company’s data at risk. To mitigate this risk, your company must either ensure your staff follows public Wi-Fi best practices to establish BYOD policies.
An effective BYOD policy should have cybersecurity at its core. This should include securing all endpoints – every device that can access your network, including home wi-fi.
4. Keep up with Patches
Whenever software is launched by a company, it will inevitably have gateways that cybercriminals can exploit. This is why software companies spend vast amounts of resources in keeping up with cybercriminals.
Whenever a vulnerability is discovered, it’s a race against time to plug the gap before cybercriminals find it and exploit it. Fortunately, the hacking experts that work for multi-billion dollar companies have a head start and will issue security patches whenever a gateway is discovered.
However, all their effort is wasted if software users do not install the updated software immediately after its released. Moreover, if you do fail to update your network once a security patch is released, your business would be deemed negligent by the Information Commissioners Office and issued a fine under the auspices of GDPR.
Ensure your IT team is well-resourced and has access to the appropriate patch management software. Alternatively, reach out to IT service providers that deliver reliable patch management services.
5. Maintain Cloud Backups
With so many ransomware attacks being targeted at businesses, it’s impossible to remove the threat entirely. Therefore, your business must take the necessary steps to mitigate the risk – which is easily resolved by backing up all your sensitive data on the cloud servers.
Cloud computing removes the potency of a ransomware attack. The only reason you would ever need to pay a ransom is so you can recover the data that is in the hands of cybercriminals.
But if all your data is backed up and accessible on cloud servers, you can sever the threat, secure your parameters and get your business network back up and running in next to no time. And you won’t have to pay a ransom.
With a hybrid cloud, the bulk of your data sits in inexpensive public clouds that your employees can access from anywhere. In the event that one of your servers is compromised, you will still have access to your data in other servers that cloud providers use to reduce the risk of cybercrime.