Ransomware: The Dos and the Don’ts

You may remember that the Colorado Department of Transportation was attacked by ransomware twice – one of which was successful – earlier this year. The successful attack sent 2,000 employees back to using paper and pencil for over a week. What many don’t know is that small businesses are just as big of a target for ransomware hackers. In fact, the FBI reported in 2016 that ransomware infected an estimated 100,000 computers a day, regardless of business or personal usage. That number has only increased.

It’s just a matter of time until a hacker tests your business’ cybersecurity defenses. Learn how ransomware attacks happen by reading our recent blog post, “Ransomware Targets Businesses of All Sizes.”

Here are best practices that our experienced team of IT experts has developed on things to do – and don’t do – to protect your business or help it quickly recover from a successful ransomware attack.

Ransomware: The Don’ts

• Don’t set easy-to-decrypt passwords. This is always mentioned because it continues to be a huge security risk.
• Don’t give all employees access to all files. They should only be able to access the files they need to do their jobs.
• Don’t save only one copy of your data. If your data is encrypted, you need a backed-up copy to restore it.
• Don’t keep all your data in the same place. If you have two copies but save them in the same place, they’ll both be encrypted.
• Don’t overlook web and email filtering solutions.

Ransomware: The Dos

Ransomware is inexpensive and takes little effort to deploy for hackers. Recovering from a successful ransomware attack, however, is expensive, takes a lot of time to remediate and can be massively disruptive to a targeted business. But, some business owners still forego cybersecurity solutions that could protect them because of cost.

Remember: the ROI on the time and money spent deploying these solutions is quantified by your business never suffering a successful ransomware attack which can cost hundreds of thousands of dollars. Work with your managed services provider to implement cybersecurity enhancements.

Here are some protections you can put into place and best practices you can use to defend against ransomware attacks.

If you’ve been successfully attacked and your files are encrypted:

• Unplug the infected computer(s) from the network and turn it off. This prevents it from infecting other workstations or your backups.
• Call your managed services provider for help recovering your systems from back-ups, deploying your disaster recovery plan and beginning forensics on your systems.
• Confer with legal counsel.
• Notify law enforcement (local police and the FBI).
• Follow your managed services provider’s recommendations for preventing another successful attack.

If you haven’t become a victim yet:

• Develop comprehensive back-up and disaster response plans. Make sure your employees know what to do and who to call to get the organization back up and running as soon as possible.
• Deploy a redundant, hybrid backup storage solution – storing your data both on-site and in the cloud. If one becomes encrypted by ransomware, you can restore the data with the other.
• Conduct annual cybersecurity awareness trainings with your employees. It is key to train employees on how to spot phishing attempts and other forms of cyberattacks and how to protect themselves and the company against them.
• Refrain from clicking on suspicious links or downloading files from senders from whom are you aren’t expecting attachments. These are the most common ways companies become infected with ransomware.
• Ensure you’ve partnered with a security-focused managed services IT provider

Simpleworks is Colorado Springs’ leading managed services IT provider. Our experienced solutions team works with business owners who need customized cybersecurity and back-up and disaster recovery services based on their needs and budget. Give us a call or email us today to find out more about our managed service packages and how we can help you simplify your IT.