It can be as easy as an employee opening an email attachment. Once they do, a virus can infect their computer, lock their files and tell them to pay a ransom if they want to regain access.
This is a type of cyberattack known as ransomware, one of the most important cyber risks businesses need to be aware of. A recent study even found that ransomware attacks are on the rise, with demands ranging from $1,000 to $150,000.
As ransomware and other types of cyberattacks increase and get smarter, it’s vital to educate employees to help protect your business from a potentially ruinous threat.
What Is Ransomware?
Ransomware attacks can start with a simple phishing email or by finding a weakness in your business’s computer system. Once the hacker is in, they lock your business’s files and demand a ransom for the key to unlock them.
It is critical to know that when your business pays the ransom, it doesn’t mean attackers will actually send the key they promised. In fact, some attackers demand even more money from businesses that pay the original ransom. Factors your business should consider before paying the ransom include:
- If it’s possible to recover files from a backup instead
- How valuable the locked data is
- If your business can unlock its files with the help of an incident response firm
Ransomware and Business Impacts
It’s easy to think the ransom amount is the only impact a business faces if it’s attacked with ransomware. But the costs to recover from a ransomware attack are typically higher than the ransom.
For example, WannaCry, a virus operating as ransomware, spread across the globe in 2017. It caused more than $4 billion in damages by shutting down various public institutions.
Although WannaCry is an extraordinary case, even the simplest ransomware can be harmful to your business.
Business Downtime After a Ransomware Attack
How long a business shuts down after a ransomware attack varies, but a Malwarebytes study found most businesses experience one day to almost two weeks of downtime.
If you can’t run your business because of ransomware, it means you’re losing out on revenue and sales. Whether you’re a large or small business, any amount of downtime can put you at risk of permanently closing your company’s doors.
Why Ransomware Protection Starts With Your Company’s Employees
Although it’s important to make sure your business uses anti-malware software and runs updates regularly, ransomware protection starts with your organization’s employees. Human error is the main cause of a business’s data being compromised, cited by 47% of corporate executives. The good news is there are steps you can take right now to improve your business’s security and train your staff on how to identify and prevent an attack.
Be on the Lookout
You can take a proactive approach by educating employees on what ransomware is, how it works and the common ways it infects computers. It is important not just to conduct the training once a year but to run drills throughout the year to help employees identify and prevent a phishing attack. This can even include sending fake phishing emails to your own employees to get them used to not opening suspicious attachments.
Use the Principle of Least Privilege
The principle of least privilege gives each employee only enough access to do their job. That means if they don’t need access to sensitive information or restricted parts of the network, they won’t be able to reach it, which reduces the risk of ransomware spreading throughout the network. Overall, if they fall for a ransomware attack, your business won’t lose valuable files.
If you’re not following this principle, don’t panic. Take the time to review and update your employees’ privileges and access levels. Your business should only have a small number of employees with access to confidential or valuable files.
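The review described above is easier when you can see exactly which shares a given employee's account could write to, because that set is also what ransomware running under that account could encrypt. The following script is an added illustration, not code from The Hartford or from any product the article mentions; the directory groups, file shares and job requirements in it are constructed sample data, and the "Everyone" grant on the backup share is the weak setting being demonstrated. Nested group membership is resolved transitively, which is where over-broad access usually hides.

```python
from typing import Dict, Set

# Constructed sample directory: group -> members (users or nested groups).
GROUPS: Dict[str, Set[str]] = {
    "Sales": {"bob", "dave"},
    "Finance": {"carol"},
    "AllStaff": {"Sales", "Finance", "erin"},
    "IT-Admins": {"dave"},
}

# Constructed sample file shares: share -> principals granted WRITE access.
# "Everyone" is the weak setting: any phished account can encrypt that share.
SHARES_BEFORE: Dict[str, Set[str]] = {
    "/shares/sales": {"Sales"},
    "/shares/finance": {"Finance"},
    "/shares/hr": {"AllStaff"},       # over-broad: every employee can write HR files
    "/shares/backups": {"Everyone"},  # worst case: the backups can be encrypted too
}

# The same shares after applying least privilege (constructed): HR gets its own
# group and only a dedicated service account may write the backup share.
SHARES_AFTER: Dict[str, Set[str]] = {
    "/shares/sales": {"Sales"},
    "/shares/finance": {"Finance"},
    "/shares/hr": {"HR"},
    "/shares/backups": {"svc-backup"},
}


def effective_groups(user: str, groups: Dict[str, Set[str]] = GROUPS) -> Set[str]:
    """All groups the user belongs to, following nested memberships."""
    result: Set[str] = set()
    frontier = {user}
    while frontier:
        member = frontier.pop()
        for group, members in groups.items():
            if member in members and group not in result:
                result.add(group)
                frontier.add(group)
    return result


def writable_shares(user: str, shares: Dict[str, Set[str]],
                    groups: Dict[str, Set[str]] = GROUPS) -> Set[str]:
    """Shares the account can write to: the blast radius if that account is phished."""
    principals = {user, "Everyone"} | effective_groups(user, groups)
    return {share for share, grantees in shares.items() if grantees & principals}


def excess_access(user: str, needed: Set[str], shares: Dict[str, Set[str]],
                  groups: Dict[str, Set[str]] = GROUPS) -> Set[str]:
    """Write access beyond what the job requires: the grants to remove."""
    return writable_shares(user, shares, groups) - needed


def audit(job_needs: Dict[str, Set[str]], shares: Dict[str, Set[str]],
          groups: Dict[str, Set[str]] = GROUPS) -> Dict[str, Set[str]]:
    """Per-user excess access for a whole set of job descriptions."""
    return {user: excess_access(user, needed, shares, groups)
            for user, needed in job_needs.items()}


if __name__ == "__main__":
    # Constructed job requirements: which shares each person actually needs to write.
    JOB_NEEDS = {"bob": {"/shares/sales"}, "carol": {"/shares/finance"},
                 "erin": set(), "dave": {"/shares/sales"}}
    for label, shares in (("before", SHARES_BEFORE), ("after", SHARES_AFTER)):
        print(label)
        for user, extra in audit(JOB_NEEDS, shares).items():
            print(f"  {user}: blast radius {sorted(writable_shares(user, shares))},"
                  f" excess {sorted(extra)}")
```

Run stand-alone, the "before" report shows every employee able to write the HR and backup shares through the AllStaff and Everyone grants; the "after" report shows each account limited to the share its job needs, so a single phished mailbox can no longer reach the backups.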
Use Multi-Factor Authentication
Multi-factor authentication adds another layer of security to help protect your business. This is sometimes called two-factor authentication, and it requires another device to access an account. For example, your employee might have to enter a one-time code sent to their phone after they enter their password. So, even if a hacker steals someone’s password, they won’t be able to log in without that other device. This will reduce the risk of cyber criminals gaining access to your network and applications in order to deploy ransomware.
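The login flow just described, with a one-time code from the employee's phone as the second factor, can be shown end to end. The script below is an added example and not code from The Hartford; it implements the standard time-based one-time password algorithm (RFC 6238, which is what common authenticator apps use) with Python's standard library only, and its user store, the user "alice" and her password are constructed sample data. It demonstrates the three properties the paragraph relies on: a correct password alone is refused, a correct code is accepted within a small clock-drift window, and a code that has already been used is refused if replayed.

```python
import base64
import hashlib
import hmac
import secrets
import struct
from typing import Optional

STEP_SECONDS = 30          # TOTP time step (RFC 6238 default)
PBKDF2_ROUNDS = 200_000    # password hashing work factor

# Constructed in-memory user store; a real deployment would use a database.
USERS = {}


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226) for a given counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at_unix_time: int) -> str:
    """Time-based one-time password (RFC 6238): HOTP over the current time step."""
    return hotp(secret, at_unix_time // STEP_SECONDS)


def register(username: str, password: str, totp_secret: Optional[bytes] = None) -> str:
    """Store a salted password hash and a TOTP secret. Returns the base32 secret
    that would be shown (usually as a QR code) to enrol the authenticator app."""
    salt = secrets.token_bytes(16)
    totp_secret = totp_secret or secrets.token_bytes(20)
    USERS[username] = {
        "salt": salt,
        "pw_hash": hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS),
        "totp_secret": totp_secret,
        "last_counter": -1,   # highest time step already used, to block code replay
    }
    return base64.b32encode(totp_secret).decode()


def login(username: str, password: str, code: Optional[str], now: int) -> bool:
    """Accept only a correct password AND a fresh, correct one-time code.
    'now' (Unix time) is passed in explicitly so the flow can be run offline."""
    user = USERS.get(username)
    if user is None:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), user["salt"], PBKDF2_ROUNDS)
    if not hmac.compare_digest(candidate, user["pw_hash"]):
        return False
    if not code or not code.isdigit():
        # A password on its own (for example, one typed into a phishing page) is never enough.
        return False
    counter = now // STEP_SECONDS
    # Tolerate one step of clock drift either way, but never a step already consumed.
    for step in (counter - 1, counter, counter + 1):
        if step > user["last_counter"] and hmac.compare_digest(hotp(user["totp_secret"], step), code):
            user["last_counter"] = step
            return True
    return False


if __name__ == "__main__":
    # Constructed walk-through using the RFC 6238 reference secret, so the codes
    # match the published test vectors (287082 at t=59, 081804 at t=1111111109).
    demo_secret = b"12345678901234567890"
    pw = "correct horse battery staple"
    register("alice", pw, demo_secret)
    print("password only:        ", login("alice", pw, None, 59))
    print("password + phone code:", login("alice", pw, totp(demo_secret, 59), 59))
    print("same code replayed:   ", login("alice", pw, "287082", 59))
```

The replay check matters in practice: a code intercepted along with the password is worthless once the legitimate user has consumed it, and the drift window is kept to a single step so an old code cannot be held back and used later.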
Back Up Your Business’s Files
Backing up your business’s files means you can access them again if your computer gets infected with ransomware. Instead of paying the ransom, your business can restore your computer to an earlier date or wipe and rebuild it altogether. This may mean you’ll lose the files on that machine, but because you backed them up, you have another copy.
It’s a good idea to keep your business’s data outside the network because sophisticated ransomware can sometimes lock down an entire network.
Protecting your business from ransomware and other cyberattacks requires a multi-faceted approach. It’s important to have the proper protection and systems in place to help identify and stop cyberattacks, as well as train your employees to recognize and prevent future attacks.
Source: The Hartford, “Don’t Let Ransomware Hold Your Business Hostage” https://www.thehartford.com website. Accessed December 28, 2020. https://www.thehartford.com/resources/cyber/ransomware-hold-business-hostage
© Copyright 2020. All rights reserved. This content is strictly for informational purposes and although experts have prepared it, the reader should not substitute this information for professional insurance advice. If you have any questions, please consult your insurance professional before acting on any information presented.