• texasitpros

How to Protect Your Business from a Costly Ransomware Attack

ransomware attack that blocked access to case management data and kept court offices from connecting to the internet. Shortly thereafter, the Texas DOT was also a ransomware victim. Ransomware is only becoming more prevalent, and businesses are increasingly being targeted. Those that don’t have proper security and system support for their I.T. often end up paying the ransom to get back up and running, which emboldens the criminals to attack others. Ransomware attacks on businesses increased 365% between 2018 and 2019. During these attacks, companies that are unprepared can suffer serious losses due to:

  1. Business downtime

  2. Emergency costs to address the crisis

  3. Data loss costs

  4. Productivity losses

  5. Loss of sales and customer trust

Being prepared is the best way to avoid falling victim to ransomware.

Tips for Safeguarding Your Company from Ransomware

Ransomware attacks have become so lucrative for cybercriminals that their costs doubled between Q4 2018 and Q4 2019. The average cost of a ransomware attack is now $84,116. You can keep your Denton or Wise county business safe from a ransomware attack by employing these best practices.

Ensure You Have a Solid Backup & Recovery Strategy

Not all backup plans are created equal. If you’re backing up to a local onsite server, then that backup could be infected along with your entire network in the event of a ransomware attack. You want to make sure you’re using a good backup and recovery strategy that includes a cloud backup for at least one copy of your data. Solid backup and recovery strategies include:

  1. Having at least three copies of all your data stored in different places

  2. Backing up regularly

  3. Monitoring your backup to make sure it hasn’t stalled

  4. Testing data recovery regularly

  5. Backing up all user devices & cloud apps that store business data

Having a quickly recoverable copy of all your data helps you respond fast to a ransomware attack, mitigates downtime, and keeps you from having to pay a ransom.

Train Users on How to Spot & Avoid Phishing

How does ransomware get introduced into a business network in the first place? A large majority of incidents can be traced back to a click on a phishing email. Phishing is by far the #1 delivery method for malware of all types, including ransomware. Providing ongoing phishing awareness training for your employees will go a long way towards fortifying your defenses against ransomware and other online threats. Topics to teach include:

  1. Hovering over links to see the real URL before clicking

  2. Carefully reviewing emails for spelling/grammar errors

  3. Understanding how email spoofing is used in the “From” line of an email

  4. Not trusting any unexpected emails, especially those from unknown sources

  5. Understanding the emotional ploys (fear, reward, urgency) used in phishing

  6. What to do if a questionable email is received

Use Anti-Phishing & Anti-Spam Applications

You can reduce the amount of phishing that makes its way into user inboxes by using anti-phishing and anti-spam applications. These applications typically use AI to look for patterns associated with phishing emails to block and quarantine those messages.

Add DNS Filtering (Web Protection)

DNS filtering is often available in a firewall or VPN service. It checks a website after a link is clicked to see if it’s malicious before directing the user’s browser to the page. URLs, rather than file attachments, are used overwhelmingly in phishing emails to get past antivirus programs. When the user clicks the URL, it takes them to a website that will automatically download ransomware or other malware onto their system as soon as the page loads. DNS filtering (also called web protection) will stop that from happening by redirecting the user to a warning page if a malicious site is detected.

Prevent Domain Spoofing with Email Authentication

One of the successful tactics that phishing scammers often use is to spoof your company domain in the “From” address of an email. For example, they’ll put “hr-dept@yourcompany.com” as the email sender, to fool your employees into believing an email about a new policy they need to download and read is legit. The email isn’t actually sent from your email address, but most employees won’t realize this. Adding the email authentication standards (SPF, DKIM, and DMARC) to your mail server can block this type of spoofed phishing email and reduce the risk of a ransomware infection.
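
Publishing SPF and DMARC records is not enough if their values are permissive. The following added example (not part of the original article) audits TXT records for settings that still let a spoofed “From” address through; it covers SPF and DMARC only, and the function names and the example.com / example.net records are constructed for illustration.

```python
# Added example: audit SPF and DMARC TXT records for settings that leave the
# visible "From" domain spoofable. All records used here are constructed samples.

def parse_tags(record):
    """Split 'v=DMARC1; p=none; pct=50' into {'v': 'DMARC1', 'p': 'none', ...}."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {key.strip().lower(): value.strip() for key, value in pairs}

def audit_spf(apex_txt):
    """Findings for the SPF record among the TXT records at the domain apex."""
    spf = [r for r in apex_txt if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["SPF: no record, so no sending host is ruled out"]
    if len(spf) > 1:
        return ["SPF: multiple records, which receivers treat as a permanent error"]
    terms = spf[0].lower().split()[1:]
    catch_all = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not catch_all:
        if any(t.startswith("redirect=") for t in terms):
            return []  # policy comes from the redirect target; audit that domain
        return ["SPF: no 'all' term, unlisted senders get a neutral result"]
    qualifier = catch_all[0][0] if catch_all[0][0] in "+-~?" else "+"
    notes = {"+": "SPF: '+all' authorizes every host on the internet",
             "?": "SPF: '?all' makes no statement about unlisted senders",
             "~": "SPF: '~all' only soft-fails unlisted senders; enforcement depends on DMARC"}
    return [notes[qualifier]] if qualifier in notes else []  # '-all' is a hard fail

def audit_dmarc(dmarc_txt):
    """Findings for the TXT records published at _dmarc.<domain>."""
    records = [r for r in dmarc_txt if r.strip().lower().startswith("v=dmarc1")]
    if len(records) != 1:
        return ["DMARC: no single valid record, so SPF/DKIM results are not tied to the From header"]
    tags = parse_tags(records[0])
    policy = tags.get("p", "").lower()
    findings = []
    if policy not in ("quarantine", "reject"):
        findings.append("DMARC: p=%s does not quarantine or reject spoofed mail" % (policy or "(missing)"))
    if tags.get("pct", "100") != "100":
        findings.append("DMARC: pct=%s applies the policy to only part of failing mail" % tags["pct"])
    return findings

def audit_domain(apex_txt, dmarc_txt):
    """Combine both audits; an empty list means no weak setting was found."""
    return audit_spf(apex_txt) + audit_dmarc(dmarc_txt)

# Constructed samples: a weak configuration and a hardened one for example.com.
WEAK = audit_domain(["v=spf1 include:_spf.example.net ~all"], ["v=DMARC1; p=none; pct=50"])
STRONG = audit_domain(["v=spf1 include:_spf.example.net -all"], ["v=DMARC1; p=reject; rua=mailto:dmarc@example.com"])
```

In practice the record lists would come from TXT lookups on the domain and on its _dmarc subdomain.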

How Strong Is Your Ransomware Security?

Is your business prepared for the next ransomware attack? Texas I.T. Pros can do an evaluation of your current backup and security systems and make any needed recommendations to ensure you’re properly protected. Contact us today to schedule a consultation! Call 940-239-6500 or reach out online.