Ransomware attacks are on the rise in the COVID-19 environment. The most notable targets have been healthcare systems and financial institutions. Not surprisingly, individual users have also fallen prey to Coronavirus-themed scams. While Coronavirus scams are a new attack vector for threat actors, end-users should take the same precautions. The question for every organization is this: Has your company invested in safety measures against ransomware?
The Basics
In a recent survey of 3,500 workers across seven countries, just 31% correctly understood the definition of ransomware. This fact helps explain why these attacks continue to succeed in so many business sectors all over the world. If end-users don’t know what ransomware is, they can’t protect themselves and their organization from attacks.
So, what is ransomware? It is a form of malicious software that infects individual computers and the other devices with which they are networked. The software encrypts data in the network. The bad actors responsible for the attack will then send a message to the end-user demanding a ransom payment to return their data. Threat actors who disseminate this malicious software do not always immediately deploy its encryption capability. They will often spy on a network for weeks or even months gathering information, passwords and any pertinent data that they can use to ensure the biggest payout possible. This is especially true of system backups. Bad actors will often try to disable system backups weeks before launching an attack.
SMBs Are Not Immune
Emisoft estimates that ransomware demand costs could exceed $1.4 billion in the U.S. in 2020. Unfortunately for small and medium-sized businesses, this includes a surge in attacks towards them as well. Last year saw an upswing in ransomware attacks on SMBs. Datto recently reported that one in five SMBs were the targets of such an attack in 2019. Ransomware payouts are not the only costs associated with these kinds of attacks. The full costs to organizations include downtime, replacement and repair of machines, loss of reputation, loss of clients and damage to the brand. The average cost to recover from a ransomware attack increased 200% between 2018 and 2019. Datto estimates that downtime associated with these attacks cost SMBs an average of $141,000 last year. That price tag could be a disruptive blow to many small or medium-sized businesses.
What You Can Do
A well-trained staff is the best defense against a ransomware attack. Because most ransomware payloads are still delivered through phishing emails, training end-users to identify bogus emails is imperative. DNS protection, e-mail filtering and anti-virus are also crucial components of prevention. Once the malware makes its way into a machine and in turn, a network, a company’s security apparatus is their only hope. Therefore, preparation is key. Below is our comprehensive approach to ransomware.
Prevent
- Employee Training
- Email Filtering
- DNS Protection
- Anti-Virus Protection
Contain
- Network Segmentation
- Security Best Practices
- Real-time Monitoring and Alerting
Rebuild
- Offline or Off-domain Backup Systems
- Rapid PC Deployment
- Continued Surveillance
At GoComputek, our approach to ransomware is clear. Prevent, contain and rebuild. We can help train your staff and protect your network. If you have questions about your system’s security or want to know more, contact us right away to get started. Our techs can provide you with a free, no-commitment security assessment, including steps for resolution. We’ve been keeping our clients safe for the last 15 years. Let us keep you safe too!