Here's what businesses must do to mitigate the rising ransomware risk.
For businesses in today's digital environment, there are more risks than ever before. Customer data is always at risk of theft by determined cyber thieves, business computing assets are under threat of malware infection, and whole networks can be brought to a halt by distributed denial of service (DDoS) attacks. Lately, however, there's one specific kind of risk that has been increasing exponentially – the risk of a crippling ransomware attack.
According to the latest statistics from digital security firm McAfee, there were an astounding 504 new ransomware threats per minute recorded in the first quarter of 2019 alone. In almost all cases, victimized businesses are asked to pay exorbitant sums to regain access to their data. Those that don't pay risk having their data willfully exposed online by the perpetrators, while others see their critical information destroyed. In the aftermath, many are forced to close their doors altogether.
Despite the grim statistics, though, ransomware remains one of the easiest kinds of digital risk for businesses to counter. All they have to do is take some common-sense precautions before they're targeted. By doing so, it's possible to avoid such attacks altogether, or at least blunt their effects. Here's what every business should be doing to prepare.
Create a Comprehensive Backup Strategy
By far, the most effective defense against a ransomware attack is to have complete and up-to-date backups of critical data. That way, recovering from a ransomware attack is a simple matter of purging affected systems and restoring from the unaffected backup files. To make it work, though, certain best practices must be observed.
First, it's best to use a backup system that stores data either offline or within a segregated network that's isolated from vulnerable systems and the internet. Second, it's a good idea to use a backup solution that allows for file versioning, so that recovery is still possible even if an encrypted version of a protected file ends up in the backup set. When deploying such a backup solution, it's also critical to conduct a complete data inventory to make sure that everything the business needs to protect ends up duplicated in the backup system.
Lock Down Unused Services and Ports
Although many ransomware attacks use phishing emails and other social engineering techniques to get inside business systems, that's not the only attack vector. It's also common for attackers to use brute-force tactics on the ports left open to the internet by network firewalls. In particular, the standard port used for Microsoft's Remote Desktop Protocol (RDP – Port 3389) and the Server Message Block (SMB – Port 445) are especially vulnerable. To stay safe, businesses should take steps to shut down any open ports that aren't in use. Better still, they should deploy a VPN solution so that no ports need to remain exposed to the internet at all.
Create an In-House IT Security Team
Last but not least, it's a good idea for businesses to invest in creating an in-house IT security team to handle the ongoing job of defending the integrity of all digital systems. Depending on the size of the business, executing this step can be as simple as retraining an existing IT person to become an IT security analyst, or could require the creation of a full-fledged department with enough qualified staff to tackle the job. Alternately, to contain costs, it's also an option to contract out the job to a 3rd-party cybersecurity firm or managed service provider – but they've been targeted by attackers of late, too.
Managing the Risk
If the last few years have taught businesses anything, it should be that ransomware attacks are a clear and present danger to their very survival. Just by taking the steps outlined here, it's possible to manage that risk and remain secure. All it takes is a little bit of forethought, planning, and execution. The upfront costs to do these things pales in comparison to what might be lost as a result of a single successful ransomware attack. So, the real questions that remain are: what business can afford not to get themselves prepared for the type of ransomware attack that they're more than likely to face? And are they ready to pay the price for their own inaction?