No matter how many times your IT provider, the evening news and fellow business owners warn you of the danger of ransomware attacks, you don’t take it seriously it until it happens to you. “No one would bother attacking a small business in the <insert your industry> industry in Colorado,” you tell yourself. But they would and do.
To say it again: small- and medium-sized businesses (SMB) in all industries are at risk of ransomware attacks.
A couple of years ago, Campbell Homes, a Colorado Springs-area builder of semi-custom homes, was successfully attacked by ransomware.
Homebuilders wouldn’t normally be considered big targets for hackers. But you have to remember that cybercriminals are in it for the money; they rely on you paying the ransom. Ransoms can be fairly low – $500 to $2,000 for many companies – to entice the victims to pay to get access to their files rather than expend the resources on properly regaining control of their data and putting effective security solutions and procedures in place. Unfortunately for those businesses, history shows that they are often attacked and ransomed again – in the very same year.
Undoubtedly, that was the expectation of the hackers who sent the fake package-tracking email that one of the homebuilder’s employees unwittingly opened. Upon downloading the seemingly legitimate and important email attachment, the ransomware began encrypting the company’s files – starting from the letter A and working its way towards the end.
The builder was infected with the digital version of termites.
Fortunately, an employee noticed that certain files were encrypted before the virus could complete its work. When the employee contacted us to ask why he couldn’t access the files, we immediately identified the problem as a ransomware infection and stopped the attack by identifying, remotely shutting down and disconnecting the workstation from the builder’s network. This prevented the virus from finishing its encryption and spreading.
In this instance, the defense-in-depth security strategy, which consists of layered security solutions and compartmentalized information access, we’d deployed for the builder would have protected other network drives from being infected.
After ensuring the rest of the network was safe, our top engineers began to assess the impact of the attack. Our engineers reviewed with the business owner what was encrypted, the estimated recovery time and what steps they should take next.
Meanwhile, others on our technical team were already remediating the problem by removing leftover ransomware files and recovering 99.9 percent of the company’s data.
That’s right: 99.9 percent. That translated into roughly twelve minutes of lost data. They were able to recover so much data because we’d implemented back-up and disaster recovery solutions for them just in case something like this happened.
“This ransomware attack could have been devasting to our business. Because of the quick response of Simpleworks, their layered security approach and a solid backup strategy, we recovered 99.9 percent of our data.”
– Tom Sauer, Senior Vice President of Campbell Homes
Building an effective cybersecurity strategy and executing it is a lot like building a house. Security must be built into the design and infrastructure – into the foundation. If you skimp in one area, it’s likely to negatively affect more than just that piece. The homebuilder didn’t want their cybersecurity to be a house of cards.
- Designed their network to minimize impact if they should be attacked again
- Conducted cybersecurity awareness training for the company’s staff
- Helped the business owner develop a disaster recovery plan
- Ensured back-up systems were tested, hosted in multiple places and working
- Implemented email- and spam-filtering on all workstations
Location may dominate in home sales, but effective cybersecurity is built with a defense-in-depth strategy. Your company needs multiple layers of security solutions. In the event one fails, another hopefully will stop the intrusion.
You can no longer rely on just anti-virus. Your cybersecurity needs to evolve as the security landscape evolves – no matter what industry you’re in or what size your business.
We have years of experience working with Colorado Springs businesses to secure them against ransomware and other cyberattacks. If you’d like to learn more about what we can do to protect your business, contact us here or call us at 719-476-0444.