Key ways to reduce exposure to ransomware for SMBs
Ransomware is probably the largest security threat facing small and medium businesses. According to the 2019 Verizon Data breach Investigations Report, 28% of all data incidents were caused by malware infections, and ransomware attacks represented 24% of all malware breaches.
Don’t Trust, Verify!
Always be skeptical when spending time online, either when surfing the Internet or when reading email.
Never open attachments in unsolicited emails, even if they come from someone in your contact list. You should go even further and treat attachments from known sources with suspicion until they have been scanned for malware.
Hackers are getting better and better at impersonating members of your staff or other legitimate sources. Think of all links and attachments in any email as being dangerous until proven otherwise.
Always apply the “Zero Trust” approach and don’t access/allow access to anything to your organization’s systems unless you are authorized by your information security team.
Beware of Freeware!
Free software and apps may save you some money, but these have become a conventional hunting ground for cyber thieves from all over the world, particularly for ransomware extortionists. Ransomware has been sent via free software such as downloadable games, file-sharing programs, and customized toolbars.
Train Your Employees!
Creating a cybersecurity culture within your SMB is the only way to a secure future, and it is mostly about training and awareness.
Information security specialists need to ensure that every employee is aware of the potential threats they face, whether it’s a phishing email, clicking suspicious links, sharing passwords, using outdated software, or an insecure network.
Employees sometimes falsely believe that the IT department can fix everything, or that antivirus software is infallible. Unfortunately, cyberattacks can quickly escalate, rapidly changing their characteristics. For instance, they might start with a phishing email, and continue with a phone call, or with a visit at the victim’s office.
You can’t prevent a cyberattack from coming your way, but advanced information security training for employees can minimize human error and improve the quality of your response.
Regularly Update Everything!
Make sure all the software on your system is up to date, including the operating system (OS), the antivirus software, the firewall, the browsers, and all the plug-ins that it uses. One of the most common infection vectors is a malicious exploit that leverages a software vulnerability. Enable automated patches for the Web browsers, which can help avoid suspicious websites that are often used as bait to get victims to click links and unknowingly download ransomware.
Backup All Your Data!
Although backing up won’t prevent a ransomware infection, it can mitigate the impact in case of a successful attack on your system. If your files are backed up properly and maintained remotely, either in a cloud or disk-based system, ransomware scams will be less destructive. Instead of paying a ransom hoping to get a decryption key, you will be able to simply restore your system to an earlier date before the attack.
Test Your Incident Response Plan!
It is security best practice to have an incident response plan in place with formally documented protocols that all employees should be aware of and follow on an ongoing basis. The response plan should outline specific actions to take when ransomware is discovered to mitigate its effects.
Enable Popup Blockers!
Popup ads are commonly used by digital marketers, but hackers use them too as vectors to deliver many types of malware, including ransomware. So, just to be safe and to avoid clicking dangerous popups, it is best practice to prevent them from appearing at all.
Disable Macros & Scan All Downloaded Files!
The majority of staff will never need to use a macro. Macros and any other similar settings need to be disabled for those who don’t need them.
Also, disable auto-run features for external media and always scan all software downloaded from the internet prior to executing.
Finally, you should always consider limiting user privileges wherever possible. For more information, please visit our IT security services page.