If you aren’t, you should be. Ransomware attacks have escalated at an alarming rate over the last few years. Across the world, ransomware cost businesses $20 billion in 2021 and is expected to rise to $265 billion by 2031.
Why is this? It is because the criminals are the innovators and we can only react to them.
So how can you protect yourself from ransomware?
Let’s look at some ways ransomware can enter your system:
- An unsecure network where a bad actor breaks into your system and inserts malware that takes immediate effect or, more likely, sits dormant in your system until they are ready to execute.
- An employee clicks on a link in an email or on a website that looks legitimate but is not.
- An employee acts upon an email that is spoofed with a co-worker/supervisor’s name.
- Someone on the network installs infected software from an external storage device, typically a USB drive.
How can you prevent this from happening?
- Hacks are best prevented by a strong, up-to-date hardware firewall that prevents outside attacks and has internal algorithms that can detect and stops viruses as they appear. Keep in mind that your internet provider’s router is not a firewall. A good firewall is a great investment in your business.
- Education of your employees on how to recognize a threatening email is probably the best way to prevent someone from clicking on the “wrong link” that installs malware that encrypts your data and sets you up for ransom. There are education programs that not only teach about ransomware prevention but can also periodically test your employees with safe emails.
- Have a paid version of an anti-virus/anti-malware program installed on all endpoints (computers and servers). Free versions do not update the virus database on a regular basis. Anti-virus programs can not only detect and quarantine viruses, but some can also identify those that are lurking undetected in the background.
- Prevent installation of outside programs by locking down external drive access.
How do I recover from a ransomware attack?
- Regularly back up your data to offsite storage that is “air-gapped” so it isn’t affected by the encryption of your on-site data. This can allow you to restore the encrypted data with a “clean” set of your data.
- Have cybersecurity insurance that can help you recover from a ransomware attack.
- Avoid paying the ransom. These bad actors are criminals and are not trustworthy even if you do pay them.
Ransomware is a real threat, no matter how big or small your business is. The bad actors are opportunists and while they are not necessarily targeting you specifically, they will come after those who are not protecting themselves and make their lives miserable.