How to protect your business from Ransomware

June 28, 2018 James McNab

At the risk of stating the obvious, building your business into that ultimate vision which you once wrote down on a piece of paper/ beer mat/ back of your hand (delete as appropriate), is no mean feat. 

Hiring employees, finding funding, determining your go-to market strategy, developing a brand – these are all challenges, but most businesses are on top of them, or are at least aware of them and are working to address them.

Sneaking in the back like the naughty kid who’s late for school, is the latest challenge: defending your business against a rising tide of cyber crime

Specifically, one of the biggest challenges facing small and medium businesses today is how to combat Ransomware. 

What is ransomware?

Ransomware encrypts your files without your consent—and only the developer of the ransomware has the key to solve it. Some forms of ransomware also spread across the network – as we saw in the case of WannaCry in 2017. 

Once the infection is complete, a message will appear on your screen, demanding that you pay a

ransom in bitcoins for your data. A typical ransom can be anywhere from £200 to £10,000, but some organisations have paid a lot more.

Crucially, Ransomware tends to work because cyber criminals understand their targets—down to their likes and dislikes and how they conduct business. They know what they will pay for their data to be released, and they exploit any weakness they find ruthlessly.

Targeted organisations often believe that paying the ransom is the most cost effective way to get their data back – and unfortunately, this might be true.  The problem is that every single business that pays to recover its files is directly funding the next generation of Ransomware.

Why are SMBs a target for Ransomware? 

Very often, Ransomware campaigns rely on a ‘human being’. Rather than trying to break through layers and layers of security technology that most enterprises have, if hackers can get someone to click on a link or open an attachment that contains malware, it’s very often “job done”. 

Employees play the important role of being first line of defence.

Here are some best practices to defend your business against Ransomware:

1. Conduct regular employee cyber security awareness and training 

This should be engaging and focus on the latest information on security threats and tactics.  That way, they’ll understand better why you have strong password requirements and the role of authentication in security.

2. Explain incident reporting procedures to your employees

Ensure that users feel comfortable reporting security incidents with messages like ‘You’re the victim, not the perpetrator’ and ‘The cover up is worse than the event’

3. Remember to cover physical security

Although they’re less common than other forms of social engineering, visitor escort policies such as ‘dumpster diving’, ‘shoulder surfing’, and tailgating, which potentially threatens their personal safety as well as information security, should be reiterated to users.

4. Perform ongoing risk assessments

Identify any security weaknesses in your organisation, such as conducting periodic port and vulnerability scans.  Ensure solid and timely patch management (a lack of this is what caused WannaCry to spread so rapidly), and centralise security logging on a secure log collector or security incident and event management (SIEM) platform.  Make sure you frequently review and analyse log information.

5. If the worst does happen, then ensure your network is segmented to the extent that user privilege is limited

This will help eliminate ‘privilege creep’ where an attack will try and get some sort of administrative rights to the network, and thus cause more damage. 

Find out more on network security on our dedicated page for small and medium businesses.

6. And of course, never underestimate the importance of regularly backing up critical systems and data!

Regularly test those backups to ensure they can be restored, and also make sure they’re encrypted and maintain them offline or on a separate backup network.

Read our 2018 SMB cyber security report for the latest threats and how to defend your business against them.

To see more about the important role that people play in defeating Ransomware, take a look at this ‘Anatomy of an Attack’ video:

For more details on how you can build a robust security defence against Ransomware, visit our dedicated web page

About the Author

James McNab

James leads Cisco’s cybersecurity marketing across Europe, Middle East, Africa and Asia Pacific. He is passionate about helping customers enhance their ability to detect and block cybersecurity threats quickly and effectively so that they can focus on serving their customers and growing their business.

Follow on Twitter Follow on Linkedin More Content by James McNab
Previous Article
Secure growth needs intelligent cyber security
Secure growth needs intelligent cyber security

Next Article
Trends in SMB collaboration, communication, and productivity – what’s your strategy?
Trends in SMB collaboration, communication, and productivity – what’s your strategy?

SMBs now face growing competition from bigger rivals. Adopting a cloud-based Unified Communications strateg...