David Emm, Principal Security Researcher, Kaspersky, shares with Top Business Tech the five key ways in which IT leaders can ensure that their organisations are protected against ransomware attacks.
Following a spate of high-profile attacks, it is all too easy to consider ransomware a threat to large, well-known businesses. Research, however, suggests this is far from the case. There are plenty of reasons for small or medium businesses (SMBs) to be proactively approaching the issue of ransomware. 35% of SMBs hit by a ransomware attack in 2020 at an average cost of US$183k; this is a trend that shouldn’t be ignored.
SMB’s can no longer treat cybersecurity as a lesser priority compared to other businesses issues. Pre-emptively securing your businesses, as well as building a plan, is now essential for business continuity. This is to say, if the threat of ransomware isn’t on your radar, you are putting your business and its data at substantial risk.
In light of the recent Anti-Ransomware Day, here are some key measures and best practices for businesses.
1. Backup systems as an ongoing process
Making system backups should be a regular process, and ensuring they are up-to-date and accessible is vital. And keep them on devices not connected to the corporate IT network. That will keep data safe if the entire network is ever compromised. Also, ensure you can find and invoke backups quickly in case of an emergency. This is great practice for any number of situations, not just ransomware. Think of it like being able to go back in time to before any incident caused loss or corruption of company data. One big benefit of this approach is that the business can continue running smoothly without downtime interruption.
2. Consider updates a cybersecurity essential
Making updates when prompted by your operating system can seem like an unnecessary pain – particularly if you’re making great progress on work or have a list of emails to send. But, running an update on your OS or business software can provide critical security updates, as well as features that may just do the work you’re doing easier. Instead of seeing it as wasted time, use it to stretch your legs, rest your eyes, grab a drink, and come back with renewed focus – and most importantly, a secure machine.
3. Maintain communication around cybersecurity
Knowledge is power when it comes to being safe online, so make sure you talk to your employees about the variety of cybersecurity threats they might encounter, whether phishing emails, untrustworthy websites or software downloaded from unofficial sources. Make the process relaxed and informal with an ‘ask me anything’ online session accompanied with plenty of imagery and real stories to keep it engaging and relatable. If a more formal approach is needed, consider interactive training and tests to ensure staff remain vigilant. Special attention is paid to employees who work with sensitive data, such as accountancy, legal, and HR.
4. Remain disciplined with safe passwords
Not all passwords are created equal, so make sure you use strong ones to access corporate services and use multi-factor authentication to access remote services. This is particularly important for business services like accountancy, where such precautions can save data and money from accidental or deliberate actions. Take the example of a lost laptop. Most businesses are prepared for the loss of physical property, but it’s only with secure passwords that they can be reassured that data will remain secure should the laptop fall into the wrong hands.
Password managers can be an effective way of making this process easier. These software programs create, store and enter secure passwords for you so that all you need to remember is the password to launch the password manager. This removes the barrier to remembering multiple different passwords, which often leads to individuals using weak passwords or one password across multiple accounts.
5. Plan for the worst
When instances of data loss occur for any reason, panic often ensues, with different departments assessing how it will affect them and their teams. Response and crisis communication plans will take the edge off a terrible situation if the worst does happen. See it as a shelter and a stock of supplies against a future storm that will help your business better weather it by saving time on decision-making if an urgent response is needed.
What if the worst happens?
Ransomware is a threat to businesses of all size and scope, and it remains crucial to stay vigilant. As a rule, never pay the ransom. Although this may seem like the best and only option at the time, this will not guarantee that seized data will be returned. On the contrary, it will only confirm that the perpetrator’s activity works. To tackle ransomware long term, we all need to do our part to show that crime doesn’t pay.
Notably, our global study of 15,000 consumers found that only a quarter of those who paid fraudsters ever got their data back. The top priorities following a data breach should be to report the crime to your local law enforcement agency or find a decryption tool online through a reputable source such as No More Ransom.
There is no magic solution for ransomware attacks, and this is especially the case after they have occurred. For businesses of all sizes, however, cybersecurity can be enhanced massively by simply cultivating good habits. By making cybersecurity a seamless part of your day-to-day operations, you limit the potential of a vulnerability and limit the effort required to be ‘cybersecure’.
- Biometric authentication: the good, the bad and the ugly
- You’ve had a breach – how do you successfully roll out an emergency patch?
- How to successfully reopen your office in a post-Covid-19 world
- Common migration pitfalls and how to avoid them
 According to Kaspersky IT Security Risks Survey 2020. For the survey, 5,266 IT business decision-makers were interviewed across 31 countries in June 2020.