Cybersecurity has always been important, but with escalating global tensions relating to the war between Russia and Ukraine, individuals and businesses alike are placing a renewed emphasis on exploring cyber protection options.
Targeted threats from nation states are only one aspect of the cyber threat landscape. Ransomware attacks are an attractive way for cybercriminal groups to achieve a range of objectives, from infrastructure disruption to lucrative revenue generation. Approximately 300,000 new pieces of malware are created daily to attack individuals, organizations and government entities through targeted strikes and malicious code circulating indiscriminately across the internet. Even if you or your business don’t fit the profile of a potential target, we are all at risk. That’s why all businesses and individuals should take the threat of ransomware seriously and implement best practices to protect against it.
Governance, Risk and Compliance (GRC) has existed mainly in the purview of large enterprise organizations. However, as the risk of ransomware extends into organizations of all types and sizes, basic GRC practices can be an effective part of a defense strategy for small and medium sized businesses too. Implementing a GRC strategy helps organizations identify and increase awareness of security risks, including ransomware. It also enables businesses to put the right defenses in place to reduce these risks.
Managing access to accounts, apps, systems, and data is an important aspect of establishing the rules, policies, processes, and procedures related to handling and protecting data and infrastructure. Effective access management is also a critical part of reducing the risk of ransomware infections and minimizing the damage if an attack does occur. Limiting access to only those people who need the system or data to do their jobs limits how far an attacker can move within your network and how much they can hold for ransom if they do get infect a system with ransomware. Additionally, limit the number of administrator accounts to only a select few employees to further minimize the likelihood of an attacker gaining full access with large-scale administrator permissions. Companies can introduce these protocols by establishing account set up and permissions rules by role, requiring adherence to data management policies, and providing employee cybersecurity training.
As you identify and assess risks, factor in the specific ways in which a ransomware infection could be triggered throughout the organization. Review the roles that could be the most vulnerable to an attack, for example, accounting or human resources that regularly receive attachments and links from new contacts. Additionally, identify the systems and data that are critical to keeping their organization running, and ask important questions, like, “What are the attack scenarios that are most likely to happen? How will you respond to a ransomware attack if it happens? Do we have an Incident Response Plan in place?”
Being prepared to effectively respond to and recover from a ransomware attack includes being well-versed on the regulations and mandates in your industry that require certain protective security practices as well as response steps in the event of a ransomware infection. Analyze whether your business should have cyber insurance, what requirements are mandated by the insurance carrier, what authorities or agencies should be notified, and what you are obligated to report to customers and the public in case of a breach.
In addition to implementing GRC practices, it’s important not to lose site of the other cybersecurity practices that can give them a leg up against attempted ransomware attacks.
Enable multi-factor authentication on all devices and accounts
Some people resist multi-factor authentication (MFA) because they don’t want to take the time to go through the extra step, but those additional few seconds can make an incredible difference in protecting your private data. MFA is a significant deterrent for threat actors seeking to infiltrate your systems and network. Setting up SMS MFA can be effective, but the possibility of mobile phone account takeover still presents a risk. An even better practice is to use authenticator code generation apps. It truly takes just a few extra seconds to retrieve and input a verification code that can make a big difference.
Keep computers up to date with security patches and software updates.
Security flaws can happen here and there — you may remember a recent high-profile security flaw in Apple’s iPhones and Macs — but the good news is most technology companies are quick to repair those flaws. This is why it’s extremely important to keep your technology upto date with security and software updates. Many people unknowingly put their data at risk because they fall behind on implementing software updates that contain critical security fixes. Some technology users are months — even years — behind in making these updates. One of the simplest things you can do to protect against ransomware or cybersecurity attacks is to update computers, phones, and other pieces of tech as soon as the patches and updates are released.
Never click links or attachments in suspicious emails
Phishing and smishing (SMS phishing) attempts continue to increase in popularity and become more elaborate — though Nigerian prince scams still exist, most scams are becoming more difficult to discern.
Some scammers might replicate fake shipping notifications, bank or credit card summaries, or emails that appear to come from a close family member or acquaintance. As a rule of thumb, delete all unsolicited emails and never disclose sensitive personal information online. Often just a little digging will help you get to the bottom of a situation—you might realize the email address that appears to be your boss’s is inaccurate, or you might call the bank to confirm their email and find out they never sent an email in the first place. Stay vigilant and err on the side of caution whenever you’re dealing with questionable emails.
The value of professional expertise
For businesses that might be particularly concerned about rising ransomware threats, hiring an IT and cybersecurity services company is an excellent way to ensure your company’s defenses are continually optimized. These companies, also known as Managed Service Providers (MSPs) can implement email security anti-virus protections and Endpoint Detection and Response (EDR) threat monitoring solutions that ensure your technology is consistently protected. They can also manage security patches and updates to minimize potential gaps that cyber threat actors can exploit. Additionally, they can help with security awareness training so your employees can serve as a line of defense. MSPs stay at the forefront of evolving attack methodologies to safeguard clients from ransomware attacks and other threats.
Roger Lewis is the CEO of CMIT Solutions, an award-winning provider of information technology (IT) and cybersecurity services and products to small and mid-market businesses. CMIT Solution’s network of locally-based owner-operators backed by enterprise-level technology partners makes advanced technology solutions accessible to businesses of all sizes in the United States and Canada.