Ransomware attacks have shut down businesses across America in numerous high-profile cases this year. In June, hackers targeted multinational meat manufacturer JBS S.A. In May, a hospital in San Diego and Colonial Pipeline were both victims of cyberattacks. Some experts estimate that there were 65,000 successful breaches in 2020.
Ransomware attacks aren’t limited to big enterprises; your valuable information could also be at risk. Small businesses are often easy targets for hackers. Here’s what ransomware is and how to make sure your data is kept as safe as possible.
[Read more: What Small Businesses Need to Know About Ransomware]
What is ransomware?
Ransomware is the most common cybersecurity attack in which hackers use a form of malware to gain access to and encrypt a company’s system, holding its information for ransom.
“Hackers have become extraordinarily skilled at deceiving their victims into downloading malware using links or attachments that appear innocuous,” said David Tam, vice president of marketing at Nightfall. “Once they’ve infiltrated a network, hackers will encrypt a company’s data and demand payment for its release, often to the tune of millions of dollars.”
Ransomware is on the rise. Over the last year, experts have seen a seven-fold increase in ransomware attacks this year targeting companies of all sizes. So, how can you protect data at your small business?
Keep your system up to date
The Biden administration is stepping up federal efforts to tackle the perpetrators of ransomware attacks, but it’s also encouraging small business owners to be proactive in defense against ransomware.
A good place to start is by making sure your software, browsers, devices and operating systems are kept up to date. As threats evolve, your technology partners will release updates that keep your system secure. “Regularly updating programs and operating systems helps to protect you from malware. When performing updates, make sure you benefit from the latest security patches. This makes it harder for cybercriminals to exploit vulnerabilities in your programs,” wrote the experts at Kaspersky.
We often recommend that companies take a layered approach to their cybersecurity. In addition to anti-malware, consider implementing a cloud data loss prevention approach, VPN, spam filter and identity management solution.
David Tam, vice president of marketing, Nightfall
Educate your team
One of the most common ways in which hackers initiate a ransomware attack is through phishing.
“Phishing happens when a hacker sends a fraudulent message that tricks a user into revealing personal information, such as a username or password,” said Tam. “Phishing attacks are often the delivery mechanism for a piece of ransomware. A victim will click on a link in a phishing message and unwittingly download a piece of ransomware, which could infiltrate the system and encrypt data for ransom.”
Train your employees to recognize the potential for ransomware attacks and respond appropriately. For instance:
- Don’t click on spam messages, strange attachments or enter unknown websites.
- Don’t disclose personal information via phone call (when you don’t know the person), text message or email.
- Don’t plug in USB sticks or external storage if you don’t know where the device came from.
- Don’t download a file or an app from anything other than a trusted source.
Unfortunately, many ransomware attacks are successful because employees aren’t equipped to recognize where malware might be lurking. It can also help to install security software to keep your files safe in the event of human error.
Get security software
There are a couple of key software tools that can help you stop ransomware from taking over your entire operation.
First, implement multi-factor authentication (MFA). Multi-factor authentication requires users to provide more than one type of verification to log in to a system. If one of your employee’s credentials is compromised, you can lower the risk that your data will be compromised with MFA.
Consider also adding anti-malware software to your computer. “Ransomware is malware. [Anti-malware] software can stop the majority of variants before they hit,” said CSO Online.
“We often recommend that companies take a layered approach to their cybersecurity,” said Tam. “In addition to anti-malware, consider implementing a cloud data loss prevention approach, VPN, spam filter and identity management solution. That way, if hackers get past one of your defenses, your data may still be kept safe.”
CO— aims to bring you inspiration from leading respected experts. However, before making any business decision, you should consult a professional who can advise you based on your individual situation.
Follow us on Instagram for more expert tips & business owners’ stories.
A message from
Join a private network for business opportunities from CO—
Connect with thousands of verified CEOs and investors ready to close deals.
Published July 12, 2021