Cyber Security for Business: Ransomware Incident Response

For a small to midsized business, few things can be as unsettling as having your hard-earned company data held hostage by cybercriminals. You might believe you’ve invested appropriate time and money in cyber security. However, clever hackers invest their own time and money in finding new ways to breach your data and throw your business operations into turmoil. Ransomware is currently one of the most widespread cyber threats.

The two main types of Ransomware attacks are Crypto-Ransomware and Locker Ransomware. Crypto-ransomware encrypts your most sensitive, private data and will not decrypt/release the data until the ransom is paid. Locker ransomware locks all your devices until the ransom is paid. Both of these ransomware approaches are potentially crippling to an SMB.

Paying Ransoms

The FBI www.fbi.org and most cyber security professionals strongly contend that businesses should never pay the ransom for two primary reasons:

• Paying ransoms encourages more attacks. The more successful cybercriminals are in collecting ransoms from their attacks, the more empowered they and other hackers will feel to launch more ransomware attacks.
• There is no guarantee that the cyber attacker will decrypt your data or free your devices after paying the ransom.

Unfortunately, anyone can download ransomware onto a computer without knowing it. By clicking on ads, opening email attachments, clicking links or visiting websites with embedded malware, even computer-savvy users can unwittingly open the door to a ransomware attack. Then, the attack manifests and is discovered when users try to log on to their computers or their files become encrypted. When this happens, users will encounter a message such as:

WARNING!
Your Files Have Been Encrypted!
You Have 24 Hours to Pay the Ransom.

The cost of ransomware can be devastating for a small to midsized business. SMBs generally do not have the resources to recover from such attacks. It is estimated that 60 percent of small companies go out of business within six months of any cyberattack. As ransomware is becoming the attack method of choice for many cybercriminals, it is imperative that companies create appropriate Ransomware Incidence Response Plans as part of their overall cyber threat protection process.

Before hiring IT professionals to provide ransomware services, the most basic free protection is embracing a company-wide mantra, “Think before you click!” Users must be trained and retrained to check their impulses to click on links or open attachments without first ensuring they are from trusted sources. In general, instituting mandated cyber security best practices for your employees can help keep your SMB from falling victim to a ransomware attack. However, there are a few other simple measures that can be taken to avoid ransomware:

• Regularly update anti-virus and anti-malware programs and run pre-programmed regular scans.
• Keep all system and application software up to date.
• Run regular secure backups of all company data.
• Create a Response Plan to keep the business operating in the face of a ransomware attack.

Many companies are required by law to protect the personal and financial data they collect from clients. If companies have been attacked by ransomware, their clients have also been attacked. For medical and legal practices, safe and secure data is crucial to their reputations. Data breaches such as ransomware attacks can put high-compliance companies out of business and expose them to ongoing legal challenges.

Case Study

A law firm in Manhattan installed excellent cyber security when it opened in the early 2000s. It also had a part-time IT contractor stop by once a month to check their system and handle any problems or needs that might have arisen since the previous month’s visit. However, no best practices were established for the partners, associates and administrative staff. Some employees were more careful than others when opening email attachments or clicking on embedded links.

One morning, the managing partner got to the office and went to log on to the network only to find that the company’s system was locked and a ransom demand appeared on her screen. The firm was the victim of a ransomware attack.

The company recovered from the attack quickly, but unfortunately, some of its clients’ private data had been breached. Over the next three years, the law firm faced multiple lawsuits from those clients and ultimately had to pay considerable damages.

DIGIGUARD Cyber Security specializes in cyber threat protection, including VPN solutions for small and midsized companies. In addition, DIGIGUARD can provide your small business its own secure and affordable virtual private network platform, so your company’s data will be safe in our expanding mobile work environment.

As you build your business, expand its network and add more devices such as smart controls, wireless access and remote access, your network vulnerability continues to increase in tandem with your growing cybercrime attack target landscape. DIGIGUARD specializes in proactive ransomware services and has a wide array of solutions for small and midsized businesses to defend against malware attacks and other network data breaches. In addition, they are cyber security experts who can ensure your confidential business and banking data has the best protection possible. Also, they can help you defend against or recover from a ransomware attack and provide solutions that offer early detection of potential cyber threats before they happen. Furthermore, DIGIGUARD can assess your cyber vulnerability and work with you to ensure you have the best network and data protection solutions for your business.

Contact DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) www.DIGIGUARDsecurity.com to discuss the prevention of ransomware attacks and other cyber defense protocols they can provide to protect your company’s data.