Every 14 seconds another business will fall victim to ransomware, and these attacks have increased by 300% annually. With startling statistics like these, there can be no doubt that you need to take steps to protect your business from potential attacks. Keep reading to learn a little more about preventing ransomware threats and rebuilding your system after an attack. If you’re ready to partner with professionals who can help you create a plan to prevent these threats and partner with you to restore your business following an attack, IT ArchiTeks are here for you. Contact us to learn more about how we partner with businesses to minimize risk for ransomware attacks.
What is Ransomware?
Ransomware is defined by the Cybersecurity and Infrastructure Security Agency (CISA) as any malicious software (malware) designed to prevent access to information until a ransom is paid. These attacks are usually spread through phishing emails. When an unsuspecting person clicks a link in the email, the ransomware goes to work infiltrating your information systems.
How Can I Prevent Ransomware Attacks?
With exponential growth in the number of ransomware attacks each year, prevention is still your best course of action to protect your business. To prevent a ransomware attack from negatively impacting your company, we recommend taking the following steps:
- Backup your systems locally and to the cloud, so you have redundant backup restore options in case of ransomware attack. This means you don’t have to pay the ransom to get your information back, taking the power away from hackers. You should also establish backup and disaster recovery protocols.
- Segment your network. This is a complex process, but it essentially means you create distinct zones within your network and restrict permissions by zone. Even if ransomware infiltrates one zone, the others remain protected.
- Install threat detection software and put policies in place to address threats as soon as possible. This may include installing ransomware detection software and traditional firewalls as well as keeping all of your software up-to-date and installing any new versions of these products and available patches as soon as possible.
- Detection software is great but being proactive is helpful too. Install anti-malware and anti-ransomware software to directly block these malicious attacks.
- Schedule regular security scans across your network. A full security scan may detect threats that your anti-malware and anti-ransomware software misses.
- Configure recovery points in your systems. This may make it possible for you to access a previous version of your data if it becomes encrypted by ransomware.
- Stay educated and keep your employees educated as well. Explain the dangers of clicking on links in emails from unknown senders and share new information about current phishing emails. Explain that file extensions like .exe, .vbs, or .scr are much more likely to be malware files in disguise. As always, enforce a strict password policy, and make sure all passwords are strong and updated regularly.
- Install email server virus control software that can help to prevent your employees from receiving phishing emails.
- Finally, you can take steps to limit your employees’ internet access to only work-related content or at least limit access to the most vulnerable sites.
How Does Your Business Recover from a Ransomware Attack?
Prevention is essential, but even the most careful companies may find themselves the victims of ransomware attacks. It’s important to have a plan of action in place to recover your systems following a ransomware incident. We recommend the following basics:
- Isolate the infected machine to prevent any additional access to the system.
- Implement a “Phone Tree.” Have a plan to contact the necessary employees when a ransomware attack occurs. You should also include contact information for vendors who may be able to provide access to the systems and information they handle for you.
- Use system restore whenever possible to begin rebuilding your system without starting over.
- If you can’t restore your system, download your data from backups and start rebuilding.
- Don’t pay the ransom. Less than half of businesses get their data back, and those who pay the ransom are more likely to fall victim to future attacks.
Some Basic Stats on Ransomware Attacks
If you think your business isn’t at risk from ransomware attacks – think again. Below, we’ve included a few of the most dramatic statistics associated with ransomware:
- In 2019, businesses are victims of ransomware attacks every 14 seconds, and predictions indicate one business will be hit every 11 seconds by 2021.
- Ransomware attacks have increased 97% in the last two years.
- More than 850 million ransomware infections were detected in 2018.
- 34% of businesses that are victim of malware attacks were unable to access data for a week or longer.
- Only 47% of those who pay the ransom get their data back.
- More than 50% of 2018 ransomware incidents involved healthcare companies
- 90% of all financial institutions have experienced ransomware threats or attacks in the last year
- The average cost of ransomware attacks will reach the hundreds of millions in 2020.
- Ransomware attacks are increasing more than 300% annually.