A woman sits at a desk with one hand to her forehead and her eyes closed. She looks defeated. The computer monitor on her desk displays a red and white window filled with text. An icon of a closed padlock suggests that the computer is locked.
As the hacking of the Colonial Pipeline demonstrated, ransomware attacks can be disastrous for both companies and the public. Learn how to defend against them. — Getty Images/PRImageFactory

Ransomware doesn’t just impact the big brands you see on the news; in fact, attacks are increasingly targeting smaller merchants, according to a report from the Department of Homeland Security. Not only have ransomware attacks gone up almost 300% over the last year, but approximately 50% to 75% of ransomware victims are small businesses. Here’s what you need to know about this type of cyberattack and how to protect your business from ransomware.

[Read more: 3 Security Threats Your Business Should Be Preparing for Now]

What is ransomware?

Ransomware is a type of malware attack that encrypts a victim’s files so they can’t access their information, effectively holding their data for ransom. The hacker usually asks for payment in order to restore access and decrypt the user’s data.

A recent example of ransomware took place in July 2020 when Garmin, a navigation and fitness wearables company, was hit with an attack that downed service for virtually all its customers.

“Hackers deployed the ransomware tool WastedLocker, which encrypts key data on a company’s digital infrastructure,” reported Cyber Security Hub. “In the case of Garmin, website functions, customer support, and user applications were all affected. Unlike typical ransomware software, WastedLocker does not steal identifying information and hold it for ransom. Instead, it renders programs useless until decrypted.”

To restore service, Garmin reportedly paid $10 million for the decryption key after four days of outages.

How do you protect your data from ransomware?

The federal government is stepping up efforts to deter ransomware, and the recent recovery of a share of the ransom from the Colonial Pipeline Attack is promising. In a recent White House memo, the Biden administration outlined the ways in which it would direct federal agencies to protect businesses from ransomware.

“These efforts include disrupting ransomware networks, working with international partners to hold countries that harbor ransomware actors accountable, developing cohesive and consistent policies towards ransom payments and enabling rapid tracing and interdiction of virtual currency proceeds,” wrote Anne Neuberger, the deputy national security adviser for cyber and emerging technologies.

Make sure your incident response plan includes steps for recovering business operations and a strategy for business continuity while your system recovers.

In addition, the White House issued guidance to help small business owners reduce the risk of a successful ransomware attack. These best practices include the following five steps:

  1. Back up your data, system images and configurations: Keep your backups offline and regularly test your backup configuration to make sure it’s working and disconnected from any business network. Maintaining offline backups is critical in the event of an attack.

  2. Update and patch systems promptly: Keep your operating systems, applications and firmware up to date with the latest versions, as these updates come with security patches and correct vulnerabilities. “Consider using a centralized patch management system; use a risk-based assessment strategy to drive your patch management program,” said the White House memo.

  3. Create and test an incident response plan: An incident response plan is a set of steps that helps your IT team detect, respond and recover from a security incident. Make sure your incident response plan includes steps for recovering business operations and a strategy for business continuity while your system recovers. Make sure to test this plan in a non-emergency situation so that you know your bases are covered.

  4. Double check your IT team’s work: If you can, hire a third party to test the security of your systems and identify any vulnerabilities. Pen testing (short for penetration testing) is a security exercise in which an expert attempts to breach your defense—highlighting where your system is flawed so you can fix it.

  5. Segment your networks: The White House reports a recent shift in ransomware attacks. Instead of stealing data, many attackers are simply disrupting operations, which is still costly and devastating for merchants. As a result, the White House is recommending that business owners separate core business functions from manufacturing or production operations. That way, if one part of your business is compromised, you can still maintain some operability.

[Read more: Does Your Small Business Need Cyber Insurance?]

There are tools and software that you can install that also help protect your data from ransomware and other types of malware. Installing 2FA or multifactor authentication is a good place to start. Speak to a security expert to get specific advice for protecting data at your business.

CO— aims to bring you inspiration from leading respected experts. However, before making any business decision, you should consult a professional who can advise you based on your individual situation.

Follow us on Instagram for more expert tips & business owners’ stories.

Event Recap: Mastering Leadership Skills

Watch the replay from our latest Roadmap for Rebuilding event, where the panel discusses how to best manage employees and build cohesive teams.



Published June 09, 2021