Protection against ransomware in SMBs

Protection against ransomware in SMBs

Share post

Protection against ransomware in SMEs: a task for companies and employees alike. Finally, Cybersecurity Ventures predicts that ransomware damage will exceed $ 2031 billion by 265. A comment from Florian Malecki, Senior Director, International Product Marketing at Arcserve.

Ransomware is one of the most harmful and widespread types of malware today. With the lucrative "business" in mind, cyber criminals break into company computer systems and encrypt the victim's data. The data will then only be released against payment of a ransom. A relatively new trend in the criminal scene is that, in addition to data encryption, the victim is also threatened with publishing or selling the stolen information on leak sites in the Darknet. This increases the pressure on the victims to pay the ransom.

Consequences due to the vulnerability of the technology infrastructure

A prominent example from the USA that had far-reaching consequences and also exposed the vulnerability of the technology infrastructure was the recent ransomware attack on the Colonial Pipeline. Cyber ​​criminals paralyzed the largest US fuel pipeline and temporarily caused fuel shortages along the entire east coast. In his testimony before the Senate Homeland Security and Government Affairs Committee, CEO Joseph Blount admitted that his company paid nearly $ 5 million in ransom just one day after the malware was discovered.

Such scenarios also play out at SMEs worldwide on a daily basis. Cyber ​​criminals don't just target the big guys. They are often aimed at classic medium-sized companies, whose security measures and defense mechanisms are usually lower and therefore easier to break. Here, too, there is a profitable business for cyber criminals and they are making full use of it.

Forecast 2031: total damage of 265 billion US dollars

Cybersecurity Ventures predicts that ransomware damage will exceed $ 2031 billion by 265 - With an attack on businesses, consumers and devices every two seconds. The forecast for 2021: $ 20 billion in damage, which is a jump of 57 times compared to 2015. Regardless of whether the forecast is accurate, the message remains the same: Companies urgently need to implement effective solutions for security and theirs Secure data.

The crux of the story is that companies often do everything in their power to prevent ransomware and other malware. Unfortunately, in many cases the biggest security hole is in front of the computer - not in it. In other words, the users are the critical factor in many attacks. According to the Verizon Data Breach Investigations Report 2021, 60 percent of ransomware cases were installed directly or via desktop applications in a study. The remaining infections took place via e-mails, open networks or via downloads that were triggered by other malware. The report also confirms that credentials are stolen in 85 percent of security breaches.

While a large company may have the means to weather an attack, many small businesses can be forced out of business by the effects of ransomware. Big or small, every company should do everything in their power to protect their data and prevent ransomware.

Everyone has a role to play in the fight against ransomware

There are various ways and technologies that hackers use to infiltrate devices and networks - and these are constantly evolving. For this reason, everyone in the company needs to know what to do to prevent ransomware. This includes the following aspects:

Training of employees to recognize fraud

Companies should train their employees with regular cybersecurity awareness and training programs. Training should include identifying potential threats, keeping up-to-date information on new and existing threats, and responding to an actual or potential threat. It is important to raise awareness across the company through regular information, updates and tips.

Streamline and enforce company policies

Every company must have guidelines for the confidentiality of user data, including those for IT and security personnel. These guidelines should include strict password and authentication requirements. It is important that employees understand and adhere to these guidelines and the meaning behind them. Everyone in the company does their part to prevent ransomware.

Use software-as-a-service

Applications that are audited and approved by the company are a big help in preventing ransomware. This is especially true for file sharing applications that reduce the use of email attachments. This strategy can reduce the number of phishing attacks with malicious attachments or even prevent them completely.

Actively warn of macros

Users who are unfamiliar with macros in Microsoft 365 and Adobe PDF documents may automatically click an "Enable Macros" button. In the case of a malicious file, that click can be a fatal mistake that opens the door to ransomware. This problem is exacerbated by a fundamental increase in document-based malware. The malicious documents work similarly to executable programs, including the ability to run processes and install additional code on the system. For this reason, it is advisable to use non-native document rendering for PDF and Microsoft 365 files in the cloud. This at least reduces the risk of unpatched desktop applications whose weak points are easy to exploit.

Report incidents

Nobody wants to be the person who falls for a malicious attachment or link and clicks on it. And most want to avoid the embarrassment of reporting an incident. However, employees should understand that they and their colleagues are the real victims. Companies must therefore ensure that every potential incident is reported immediately and with a clear conscience. Establishing simple and clear reporting procedures is a good way to do this.

Physical security is important

All employees should understand the company's security guidelines for connected devices and facilities. A lost or stolen laptop without a login password is an open invitation for cyber criminals to access the network. Even stolen credentials in the hands of a hacker can only lead to disaster. It must be clear to everyone that devices, ID cards and login data must always be kept safe.

Recovery must be planned and tested

Despite all caution and preparation, the following also applies: there is no 100 percent security against a ransomware attack. Even if all guidelines for protection are observed, cyber criminals are always finding new ways to break into devices and networks. It is therefore essential not only to do prevention, but also to have concrete plans for the event of a crisis. In the event of a successful attack, the best protection is that the company, its information technology and all data can be recovered. A detailed planning of backup and disaster recovery with suitable solutions is the most important step for this. However, the testing of the recovery and the continuous adaptation to changing IT structures must not be forgotten.

More at Arcserve.com

 


About Arcserve

Arcserve offers exceptional solutions to protect the valuable digital assets of companies that require complete and comprehensive data protection. Arcserve was founded in 1983 and is the world's most experienced provider of business continuity solutions for securing multigenerational IT infrastructures with applications and systems in any environment, on site and in the cloud. Companies in over 150 countries around the world rely on Arcserve's highly efficient, integrated technologies and expertise to reduce the risk of data loss and prolonged downtime while reducing the cost and complexity of data backup and recovery by up to 50 Reduce percent. Arcserve is headquartered in Minneapolis, Minnesota with numerous locations around the world.


 

Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more