Last year was the most costly and dangerous year on record for businesses dealing with ransomware attacks. That’s according to network security experts, SonicWall, who by Q3 2021 were reporting an almost 150% year-on-year increase in ransomware attacks worldwide. If what we’ve gleaned so far in 2022 is anything to go by, the risk of being struck by a ransomware attack will only continue to soar. That’s bad news for businesses, particularly at a time when many are still adapting to new security policies, cloud set-ups, and hybrid working arrangements.
While there’s plenty that businesses can do to minimize their exposure to ransomware, it is sadly more likely to be a case of ‘when’ rather than ‘if’ a business falls victim to such attacks. In part, that’s due to the democratization of ransomware tools and technologies, with ‘ransomware-as-a-service’ (RaaS) even emerging as a sub-industry for bad actors. As a result, every IT leader or CISO must now work on the assumption that, despite their best efforts, they are likely to eventually find themselves subject to a ransomware attack. The question then becomes, what should the response plan look like?
Here are some of the steps that businesses should be taking to ensure that they’re not left floundering if they find themselves a target of a ransomware attack.
Regular backups at the ready
They say that data is the new currency, and nothing underscores that quite like ransomware. Ransomware actors deliberately capture and encrypt an organization’s data, effectively crippling its productivity and making business as usual next to impossible. It’s perhaps little wonder that almost one-third of businesses in 2021 caved in and paid ransom money to get their data back. But if a business has a secure, cloud-based backup plan in place, it can avoid grinding to a standstill. From on-site backups that update daily and retain a virtual ‘snapshot’ of your business for a certain period of time to offsite back-ups which offer the same functionality but with added security, a good backup strategy will allow your business to roll back to your latest backup and restore all of your data in the event of a ransomware attack.
Developing and understanding security protocols
Most ransomware attacks come in the form of phishing scams, tricking employees into releasing their credentials using increasingly sophisticated emails that mimic a trustworthy individual or company. While this might seem rudimentary, phishing scams have persisted due to the fallibility of us humans. We’re creatures of habit, prone to complacency, taking shortcuts, and overlooking details. That’s where protocols come in. They give employees defined frameworks to adhere to in order to limit the risk of exposure to malware. Such protocols could include anything from two-factor authentication so that if a username and password are stolen, they can’t solely be used to access sensitive data. The principle of least privilege or ‘zero trust’ is another common protocol, which involves limiting a user’s access to certain areas of the businesses based on what they need rather than convenience.
Upskilling your team
This goes hand-in-hand with security protocols. Security protocols are there to give employees the very best chance at spotting scams and staying secure online, but they’re a supplementary measure and often the last line of defense. Your business is going to be far more secure if your employees are educated on the risks of ransomware and other malware. If you have one, your in-house IT department should also be up to speed on the latest threats and be leading the charge on some of the things we’re outlining in this article.
Keeping systems and applications up to date
The now infamous WannaCry ransomware attack, which brought the UK’s National Health Service to a virtual standstill back in 2017, happened because of unpatched and outdated software that took months to rectify. The NHS had to pay Microsoft over the odds to keep their Windows 7 machines patched until they had the time and resources to bring all of their systems up to date. The takeaway? Always have a technological roadmap in place, and know that your systems and software will need regular security updates.
An endpoint is any device that connects to your company’s network, either in the office or from an employee’s home or other remote location. Needless to say, the push toward hybrid working has led to a surge in the number of endpoints connecting corporate networks, so it’s more vital than ever that these new endpoints – from phones and tablets to laptops and smartwatches – are monitored and protected at all times.
As the saying goes, prevention is always better than cure. Some of the above points are designed to help your business defend against the threat of a ransomware attack, while others will help you mitigate the damage should a breach occur. Either way, these are just some examples of what all businesses, regardless of size, should be implementing as we move into 2022. With good security housekeeping, your business will stand a better chance of staying protected against the rising risk of ransomware attacks.