Ransomware has been a scourge to businesses for years now. With the pandemic, it’s now an even greater risk. Increased phishing attacks and other means of spreading ransomware require businesses to identify and mitigate vulnerabilities.
What Is the Purpose of Ransomware?
In so many words, ransomware is intended to make the cybercriminal money, deriving financial gains by encrypting data and demanding a ransom in exchange for the key to decrypt it (although these keys are rarely actually shared whether or not the ransom is paid). In pursuit of this goal, cybercriminals have become far more ambitious in who they target and how much they demand.
While small and medium-sized businesses are still very frequently targeted, critical infrastructures have found themselves increasingly in the crosshairs of late. The attack on Colonial Pipeline caused massive supply chain disruptions, while the cybercriminal group REvil has attacked the supply chains that people rely on to get their food. More recently they have attacked software vendor Kaseya with ransomware, impacting thousands of businesses around the world and inspiring even more attacks against service providers. Considering this, it should come as little surprise that ransomware demands have inflated.
This Makes It Crucial for You to Prepare for Ransomware
Here’s the crucial bit: preparing for ransomware requires more than just doing what you can to prevent it… It also means you have to be prepared to deal with the consequences of a successful attack.
Our first piece of advice? Find expert resources that you can lean on for assistance in dealing with either scenario. The external aid that Computerware provides will help you both resist ransomware more effectively and minimize the damage caused by any that might sneak through. Furthermore, specialized insurance is now available for businesses to help them manage the high costs associated with ransomware.
You will also need to evaluate your risk factors related to ransomware. For insurance, how large of a financial impact could you potentially face? What third-party risks are you subject to? How promising a target could you be for an attacker seeking something, whether that’s financial gain or widespread disruption? How vulnerable are you, really?
Once these ongoing steps (never a one-time thing) have been carried out successfully, there are two equally-important considerations to prepare for:
1. Preventing Ransomware from Breaching Your Infrastructure
Obviously, the ideal situation would be for ransomware to not make it in at all, so it makes sense to do everything possible to prevent your business’ network from being infiltrated. Having up-to-date antivirus, content filtering parameters, firewalls, and the rest of the initial preventative measures in place can block a significant number of threats from making their way in. Arguably even more important, your team needs to know how to spot potential threats and how to handle those they do see.
2. Preventing as Much Damage as Possible
Of course, nobody’s perfect, so chances are good that some ransomware variant will make its way in and take root. This makes it crucial that you are prepared and ready to minimize the impact it has. It’s very likely that contracting ransomware will require you to perform a complete data wipe, so having an isolated backup at the ready could be the very thing that saves your business.
Computerware is here to help you deal with the threat of ransomware, as well as any other tech-related issue that could hinder your team’s productivity. Find out what we have to offer by calling (703) 821-8200 today.
Alan Edwards, CISM, is chief information officer at Computerware, Inc., in Vienna, Virginia.