According to the most recent Bitdefender 2020 Consumer Threat Landscape Report, ransomware attacks were up 485% in 2020 compared to 2019. And there’s no indication that 2021 will see a reduction in attacks. That’s a number that should shock most business owners into taking immediate action. Indeed, Apheus is actively warning all of our customers to do something – take action to defend your business against these types of cyberattacks.
A ransomware attack can cripple a business. This past weekend, a major pipeline company called Colonial Pipeline was struck by a ransomware attack that effectively shut down the delivery of fuel to the northeast portion of the United States. While there were some immediate ramifications, there will be long-term effects as well. This attack is being called “the worst cyberattack to date on critical U.S. infrastructure…”
Businesses should and MUST protect themselves against a ransomware attack. There’s really no choice given the current global climate.
What is a ransomware attack?
Here’s the definition of a ransomware attack, according to Merriam-Webster:
Malware that required the victim to pay a ransom to access encrypted files.
https://www.merriam-webster.com/dictionary/ransomware
If you work, live, or play on a computer you should know about malware. Even if you have never experienced malware (and I would find that hard to believe), you should at least know what it does, how to prevent it, and how to fix it. Ransomware is a particularly nasty type of malware that encrypts the files on a computer, making them inaccessible to the user. Ransomware can attack and encrypt files on laptops, desktops, servers, and network-attached storage devices.
Ransomware works just like many other types of malicious programs. They get on your computer via email attachments, downloads from the internet, compromised websites, thumb drives, network distribution, and many other delivery methods. Once ransomware is on a system, they tend to spread across a network like wildfire. They will typically infect multiple systems, taking advantage of weak security procedures and the lack of proper virus protection.
How do I protect myself against ransomware?
The first line of defense in preventing a ransomware attack is education. Everyone within an organization must take measures to learn about malware and how to prevent themselves from becoming a victim. A single person in an organization can cause malware to propagate to infect entire networks. Employee training and communication are key components in developing an anti-malware strategy.
Secondly, regardless of the size of your business (and even if you’re a home user), you should have some sort of backup system in place. Many businesses are definitely lacking when it comes to backups, with some businesses we’ve consulted with having no backup systems in place. This is a dangerous situation that needs to be rectified as soon as possible. We recommend the 3-2-1 backup strategy:
- Three copies of your data.
- Two different storage types.
- One copy offsite.
Thirdly, all of your computer systems (both on-site and remote computers) should be protected by malware protection. The antivirus that usually comes with a new computer is typically insufficient to protect you against a malware infection, particularly a ransomware attack. Having actively monitored protection is a valuable service that not only alerts us to a potential problem, but allows us to work immediately to identify, isolate, and remedy problems in realtime, rather than waiting days or even weeks.
In our experience, break-fix customers often do not report problems immediately. This results in more difficult remediations, lost data, and compromised systems. While no system is perfect, it is important to remember these three critical components: educate, backup, and protect. No two businesses are alike, so a custom-tailored combination of these three essential components is crucial to establishing the best protection against malware and ransomware.