Ransomware is one of the most dangerous attacks a small business can experience. According to research, attacks in the UK have increased by 195% and 75% of businesses can lose access to their files for at least two days. Ransomware is a significant problem for UK businesses and specifically small businesses. If you’re attacked, then there is a significant chance that you won’t recover.
So, what are the dangers of ransomware, what do you do if you’re attacked and how can you prevent it? Here are some of the top tips for your small business.
What is ransomware?
A ransomware attack is when malicious software is installed on your IT systems without your knowledge and then corrupts and encrypts your data to make it unusable. The criminal team behind the attack will then send you a message promising to make the data usable again if you pay a certain amount.
When you pay this amount, the criminals will often send you a decryption code. However, the success of this varies. Some ransomware is harder to decrypt than others.
Why is ransomware so prolific?
The simple answer is that ransomware can be easy to pass on to targets through malicious emails and through sites with poor security that employees visit. In addition, many businesses and even governments are willing to pay the criminals for the return of their data.
Some executives are willing to pay up to $50,000 per attack, which is a fraction of what the lost productivity time can cost. Therefore, the attack can be very lucrative for the criminals and, with the use of Bitcoin, the crime can be hard to detect.
What do you do if you’ve suffered a ransomware attack?
If you’ve suffered from a ransomware attack then you’ve got a problem. There are three basic options when it comes to this scenario.
* Pay the ransom to the hackers.
* Decrypt the files yourself and remove the malware.
* Wipe your IT system and start again.
The first option is generally not regarded as the safest. While some criminals will give you the decryption codes, the codes might not work. And some criminals do not send them at all; they simply take your money. At the same time, paying only encourages the hackers to attack another company, or yours again.
Decrypting the files yourself can also be challenging. You don’t know exactly what software was used to encrypt your files and you might not know what IT infrastructure was infected. Therefore, you could have a costly, long delay in getting your IT system back online.
Wiping your IT system and starting again might be the best option. This option is even more attractive if you keep regular backups of your data. For instance, if your attack happened after a backup, you will lose only limited information. This might be frustrating, but you’re more likely to recover from this than from paying an expensive ransom and spending several days repairing the systems, only to find out that some of the data is simply not recoverable.
You might need to have a disaster recovery team to help you with this option, however. This will speed up the process and allow you to put in place the IT security infrastructure that will prevent such an attack from occurring in the future.
How can you prevent a ransomware attack?
Ransomware is a challenging attack to prevent. This is mostly down to human error. The software that causes the problem is mostly spread through phishing emails or through links on social media or websites. Therefore, you have to trust that your staff are wise and alert enough to protect your business.
This starts with IT security training. There are many ways that attacks can happen that look like normal business behaviour. For instance, a message with an attachment might be received from what looks like a legitimate organisation, known supplier or customer. The email will tell the employee to open the attachment for information about a missing payment, refund or new order. When this is done, the machine is infected.
Staff need to learn how to recognise when these emails are spoofs and not the real thing. They should also learn not to open attachments without knowing exactly what they are and ensuring they are safe.
However, research has found that staff will open suspicious emails, even if they realise that they could be corrupted.
At the same time, staff should be made aware of the dangers of randomly clicking on social media links. These work well for criminals because posts made by friends of the employee are often trusted. But the post could have been created by criminals and posted via a friend’s account in order to look legitimate.
IT security training should be conducted regularly and thoroughly within a business to protect you as well. While learning once is okay, staff are quick to fall back into bad habits.
You should also look at your IT infrastructure. Ensure you have the best IT security software, a virus scanner and up-to-date IT security patches. Most security breaches happen because of a flaw within the IT infrastructure and security systems. Software updates and patches often carry new security protocols to protect systems.
If this is hard for you to do, outsource your IT systems maintenance. By using outsourced IT services, updates can be done more regularly and efficiently. This can be very helpful when it comes to protecting your organisation.
IT security is very important and ransomware is a real threat to your business. By using IT security training and the best software, you can protect your business. But this needs to be a continuous effort and one that the whole company is dedicated to.