How Businesses Can Protect Themselves from Ransomware

Ransomware is an ever-growing cyber threat that can devastate any organization, especially small businesses without the resources to combat it. Unfortunately, small business owners are the least likely to be prepared for a ransomware attack, as 60% of them don’t believe they’ll ever be a victim.

That’s why the Department of Homeland Security and other government agencies are focusing heavily on fighting ransomware attacks. For instance, the Cybersecurity and Infrastructure Security Agency (CISA) has published a helpful Ransomware Guide for business owners to help them develop an action plan for risk mitigation and incident response.

In a recent webinar hosted by the U.S. Chamber of Commerce, Secretary of Homeland Security Alejandro N. Mayorkas, along with a panel of cybersecurity experts, discussed the current state of ransomware in 2021, what the U.S. government is doing to combat it, and practical ways for small business owners to protect themselves.

Ransomware Poses a National Security Threat and an Economic Threat by Targeting Small Businesses

Ransomware poses an imminent threat to our national security, as well as America’s overall economic health as cybercriminals increasingly target small businesses. Mayorkas noted that small businesses comprise approximately one-half to three-quarters of the victims of ransomware at this time. Moreover, more than $350 million in victim funds were paid as a result of ransomware in this past year, and the overall rate of ransomware attacks has grown more than 300% from the previous year.

“Small businesses comprise the backbone of our nation's economy, and it is perhaps for that very reason that individuals who seek to pose a threat to our nation — who employ cyber tools [like] ransomware as the vehicle for realizing that threat — target small businesses as extensively as they do,” said Mayorkas.

“In order to address ransomware, one must be educated and informed with respect to not only how to detect other threats, but also how to respond to it and how to remediate from it should … our efforts to prevent the attack from occurring in the first instance do not succeed,” he added.

Cybersecurity Is an 'Urgent Priority' for the Department of Homeland Security

In March 2021, Secretary Mayorkas announced that his first sprint for the Department of Homeland Security would be focused on ransomware. This choice of focus demonstrates the gravity of the cyber threats our nation is currently facing.

“Cybersecurity generally is one of our most urgent priorities in the Department of Homeland Security,” Mayorkas said. “We developed a series of sprints in the cybersecurity arena, and ransomware is the first sprint because of two important criteria: No. 1, the gravity of the threat, and No. 2, the threat is not tomorrow's threat, but it is upon us.”

To help address the threat of ransomware, Mayorkas said the DHS has partnered with both the federal government and the private sector to ensure businesses have the tools and resources they need to defend themselves “to the fullest extent possible,” because “no one is inoculated from it.”

“It is not a matter of eliminating ransomware,” Mayorkas explained. “It's a matter of … defending against the attackers. It's a matter of equipping and arming ourselves to build the best defense possible within whatever constraints we have to make sure that those constraints are properly defined. In other words, [our] priorities are well-tailored to appreciate and respond to the incredible threat that ransomware is and for all of us to work together to build a collective defense to this threat.”

Cybersecurity Education and Best Practices Are a Business’s Best Defense Against Ransomware

As the business world has shifted online during the COVID-19 pandemic, ransomware attacks have increased in frequency, sophistication, and ransom payment amount. For small business owners, the best way to defend against ransomware is by educating themselves and their teams about cybersecurity threats.

“The biggest place to start is educating your end users and helping them to understand simple things like social engineering and emails that may look somewhat different or out of sorts [and] teaching them ... what to look for,” said Lisa Wallace, VP of U.S. Public Sector Security Sales Program at Splunk.

From there, said Wallace, small businesses should be focused on “keeping endpoint protection up to date, email security backups current, servers patched, … [having a] firewall policy, [keeping] centralized management and logs of your assets, [and] being more proactive at protecting and users from hurting themselves through education, policy, and enforcement.”