WHY IT IS IMPORTANT
In 2021, 37% of Businesses were hit by Ransomware at a world-wide cost of $20B. That number is expected to grow to $265B by 2031. On average, the cost of recovering from a Ransomware attack is around $1.85M. And the 37% of companies that paid the ransom only received 65% of their data back.
Many businesses believe that they are too small or that the bad guys just don’t know who they are. But the reality is that if you are a business in America, and you have a bank account, there is a target on your back.
HOW TO PROTECT YOUR BUSINESS FROM RANSOMWARE
The only way to completely protect your business and your data from the threat of Ransomware is to completely and permanently disconnect your business and all your employees from the internet. If you can’t do that (and who CAN?), then here are some ways to mitigate your risk.
PRACTICE PASSWORD HYGIENE
8 character passwords can be cracked in as little as a few days (yes, even the ones with special characters and numbers in addition to upper/lower case letters). And many of us use the same password for our banking, fitness, and delivery apps as we do for our work apps. As a result, if any of the online services your employees use are compromised, your business could be vulnerable to attack. What can you do about it?
- Get a password manager like 1Password, Dashlane or LastPass. These apps will track your passwords for all the sites/apps you use, and they auto-fill passwords on your PCs, Macs, and mobile devices, so you never have to remember another password again.
- Use your password manager to set random, unique 16-24 character passwords for each site/app you use. Even if all of the characters are upper/lower case letters, a 16 character password will take trillions of years to crack.
- When possible, add Multi-Factor Authentication (MFA) to your sites/apps. MFA requires a combination of something you know (password) with something you have (mobile device). With MFA, even if your credentials are compromised, a bad actor cannot gain access to your data without also having your mobile device.
DON’T EAT THE PHISH
The most common and most successful attack vector employed by the bad guys is the phishing email. These are the emails that you get that at first appear to be from a friend, colleague or business that invite you to click on a link or open an attachment.
- Listen to your Spidey-Sense:
- If you do not normally receive emails from the inventory manager at one of your clients asking you to click this link to download their proposal…
- If UPS sends you an email to track your package, but you are not expecting a package…
- If the sender uses broken grammar or sounds like a Soviet KGB Agent speaking English in a 1980’s thriller… don’t click that link.
- Look beyond the display name of the sender to the actual email address of the sender. The display name might be UPS, but if the email address looks something like: firstname.lastname@example.org… don’t click that link.
- If the sender checks out, then hover your mouse over the link in the email to see the actual url before you click on it. The link might look like Proposal, but if the actual URL looks like https://props.8476bizstuff.com… don’t click that link.
- Have every member of your team attend annual training on how to identify phishing emails. Some training companies will follow up the training by intentionally trying to phish your team and can track how many people still click those links so you can target future training at those who need it most.
Public WiFi hotspots may have become as ubiquitous as they are convenient, but they also come with their share of dangers. Honeypots and WiFi sniffers are just two of the very simple tools that bad actors can use to watch your every keystroke on a public WiFi network (Starbucks, HiltonHonors, DisneyParks, etc.).
If you must connect, make sure you use a VPN to protect and encrypt the data you send and receive while connected. If you don’t have a VPN provided by your company, there are some great free and paid for options available such as NordVPN, Proton VPN, and Surfshark VPN.Page Break
DON’T RDP OVER HTTP
If you use Remote Desktop Servers to access your business applications, don’t put your RD Servers on the Internet. The Remote Desktop Protocols contain some of the best known and well documented hacks, plus they can be found in minutes using free port scanning software. And did I mention that your credentials are sent over the internet in plain text? Yikes!
If you need to access Remote Desktop servers over the internet, use a VPN or Microsoft’s Remote Desktop Gateway services to ensure that your RD Servers are safe and the data that flows over the internet is encrypted.
PROTECT YOUR BACKUPS
This point may be last but it is certainly not least. If a bad actor does gain access to your systems, one of the first things they will look for are your backups. After all, if they can’t encrypt your backups, you are not likely to pay.
- Make backups to a tape or to a removable disk that you can disconnect from your network while it is not in use.
- Configure your backup systems in a separate domain and restrict access between your production and backup domains.
- If you offsite your backups to the cloud, look for a solution that can detect Ransomware through the lens of the backup.
- A Bad Actor can be in your system for months before they start encrypting files. So make sure you keep your backups for months if not years.