Have you given much consideration to the highly publicized WannaCry and Petya ransomware attacks that occurred earlier this year? Customer information, employees’ personal data, proprietary information, trade secrets and company financial data all are at risk from this increasingly common form of cybercrime.
Ransomware is a type of malicious software that infiltrates the target company’s systems and uses encryption to prevent users from accessing company files, software and networks. Attackers demand a ransom payment, which could be hundreds or even thousands of dollars, in exchange for a decryption key that unlocks the encrypted files. However, attackers often take the ransom and fail to provide the decryption key.
Ransomware recovery can cost tens of thousands of dollars or more — for restoration of business operations, installation of new security technology, and recovery from related operating losses and lost productivity. Other costs may include loss of customer confidence and business due to perceived weaknesses in the company’s security protocols and inefficiencies during the recovery period.
Compromised websites and email attachments are the typical sources of ransomware infections. Here are some measures that cybersecurity experts commonly suggest businesses take to protect against costly infections:
Have a robust backup strategy
Regularly backing up computer data is a critical step in ensuring readiness for a ransomware attack. If you don’t have your files backed up effectively, your only options in the case of an attack are to pay the ransom (and hope for the best) or lose the data.
There are many backup options, including backing up to cloud providers, to local storage devices, or to network-attached drives.
PCMag suggests a tiered or distributed backup solution — possibly provided by an online backup vendor or Disaster-Recovery-as-a-Service (DRaaS) vendor — that keeps several copies of backup files in different locations and on different media.
Steven Weisman, a cybersecurity expert who teaches at Bentley University in Waltham, MA, counsels companies to maintain three backup copies using two different formats with one residing off site. Adds regular security speaker and author Robert Siciliano, CEO of IDTheftSecurity.com: “If you have a quality backup system in place, you won’t need to pay the ransom.”
Another important measure is training employees on how to keep the fraudsters at bay. Training should emphasize things like recognizing social engineering techniques, not clicking on links in questionable emails, and never opening attachments from unknown senders.
Companies can hire outside security consultants to provide security awareness training, or, as an alternative, sponsor a series of group lunches where Information Technology (IT) representatives brief employees on ransomware prevention.
Employ mitigation strategies
Some of the most commonly advised mitigation strategies include:
- Ensure reputable antivirus software is installed and up to date across all endpoints within the business.
- Use application whitelisting software that allows only approved programs to run on the company’s computers, so that unapproved executables, including malware, are blocked.
- Patch commonly exploited third-party software such as Java, Flash and Adobe.
- Use administrative control tools to manage security solutions centrally; do not give employees the option to change or disable security settings.
- To combat fraudster “spear phishing,” institute a social media policy that limits certain work-related information from being posted on social media. The more information a fraudster has, the easier it becomes to impersonate or target that individual.
Don't pay the ransom
Ransomware incidents are increasing in 2017, with strikes on businesses occurring every 40 seconds. While each targeted company must decide whether or not to pay a ransom, security experts generally advise companies against doing so.
Ransomware in a company’s network can be self-propagating and trigger repeat incidents. Making payments to obtain the decryption key can backfire by making the company vulnerable to repeat attacks. With that in mind, experts recommend that companies focus on restoration efforts and protection against future attacks.
The information, views, opinions, and positions expressed by the author(s), presenter(s) and/or presented in the article are those of the author or individual who made the statement and do not necessarily reflect the policies, views, opinions, and positions of Hancock and Whitney Bank. Hancock and Whitney Bank makes no representations as to the accuracy, completeness, timeliness, suitability, or validity of any information presented. This information is general in nature and is provided for educational purposes only. Information provided and statements made should not be relied on or interpreted as accounting, financial planning, investment, legal, or tax advice. Hancock and Whitney Bank encourages you to consult a professional for advice applicable to your specific situation.
We provide links to external websites for convenience; we do not endorse and are not responsible for content, links, privacy or security policies.