Are You Prepared for a Ransomware Attack?
May 24, 2021 | BY Simcha Felder, CPA, MBA
Your employee opens an email attachment or clicks on a link. It sounds inconsequential, but the next thing you know, you and your employees are locked out of your company’s computers and network. You may receive an intimidating message demanding a ransom and threatening that if you do not pay up in a day or two, all your data will be deleted or your company’s sensitive data will be published online. This type of cyberattack is known as ‘ransomware’ and is one of the most significant cyber risks that can jeopardize you and your business.
Earlier this month, a malicious ransomware attack forced the largest pipeline operator on the East Coast to temporarily shut down all operations. The attack led to price spikes and gasoline shortages across a large expanse of the United States. The pipeline operator ended up paying the hackers $4.4 million to regain control of their system. Such a high-profile case has publicized the problem of cybersecurity and ransomware to the public. Worse still is that large companies are not the only targets of cyberattacks.
Across the country, we have seen a dramatic increase in cyberattacks as organizations have shifted to remote work during the pandemic. According to Homeland Security Secretary Alejandro Mayorkas, the rate of ransomware attacks increased by 300% in 2020, and about three-quarters of victims were small businesses, who paid a total of over $350 million in ransoms during the year. Sadly, the attacks are becoming more brazen and costly as the pandemic drags into 2021.
So, what exactly is ransomware?
Ransomware is a computer program that is a form of malware. There are many variants, but ransomware is typically activated when someone clicks a link in a phishing email, or hackers find a weakness in your company’s computer system. Once the hacker is in, they encrypt and lock your business’s files, then demand a ransom for the key to decrypt and unlock them. More recently, hackers have begun downloading a business’s sensitive data, threatening to publish it online if a ransom is not paid.
Small businesses are frequent targets because they often lack the security or training to prevent a cyberattack. With the threat of ransomware and other cyberattacks becoming more common, what actions can you take to protect yourself and your business? Here are some steps that all organizations should consider as the frequency and sophistication of cyberattacks become more alarming:
Cyberattack Response Plan: Make sure your company has a cyberattack response plan so that in the event of an attack, you know what you need to do and who you need to contact. Cyberattacks always happen when you least expect them. When they happen, you will need to make decisions very quickly. The complexity of the plan will depend on the size of your company, but remember, hackers do not care how big or small you are. They give the same timeframes to a sole proprietor as they do a Fortune 500 company, and your response will have to be immediate.
Train Employees: Human error is the main cause of a business’s data being compromised. Train your employees to identify phishing emails and regularly educate them on the dangers of clicking unknown links. More than merely training, consider conducting drills to help employees identify and prevent a phishing attack. This can include sending fake phishing emails to your own employees to familiarize them with identifying dubious links or suspicious attachments.
Good Cyber Hygiene: Along with employee training, be sure to practice other good cyber hygiene habits. Regularly backing-up your data will leave your company less vulnerable. Making sure your systems and software are up-to-date is another simple yet effective tool to help prevent a cyberattack. The Federal Trade Commission has a useful website where you can learn more strategies for protecting your business from cyberattacks: https://www.ftc.gov/tips-advice/business-center/small-businesses/cybersecurity
Cyber Insurance: Determine if your company has a cyber insurance policy and be sure to review it. If your business does not have one, you may consider getting one, but be sure that ransom is covered and that the level of coverage reflects the current reality.
Remember that the cost of ransomware goes beyond just the ransom. Downtime during the attack means a loss of revenue and sales. Moreover, even if a ransom is paid, there is no guarantee you will get your computer or data back. Protecting your business from ransomware and other cyberattacks requires a multi-faceted approach. With good preparation and cybersecurity hygiene, your company can reduce risk in an increasingly dangerous digital world.