It used to be a lot easier to protect your business. Going back centuries, protection meant knowing the right people, posting a night guard, or just simply having a good amount of cash. Now that commerce has moved well beyond the confines of a ‘brick-and-mortar’ set-up, your security needs to advance as well. More specifically, your cybersecurity.
You may be aware that recently CISA (Cybersecurity and Infrastructure Security Agency) released a facts and preparedness sheet regarding the rampant surge in ransomware attacks. It is important to know that no matter size or type of business you own, you could be at risk.
So fire the body guard you hired to stand next to the computer and let’s take a look at some of what CISA has to say.
‘PaY oR eLsE…’
Is it not a bummer that criminals do not take the time to paste together magazine letters anymore? Meaning, if you are going to be sinister, the least you can do is take the time and energy to cut and glue all those letters. At least give us something to hold, jeez.
That is the thing with ransomware. One minute you have your entire company at your fingertips and in the next millisecond, it is gone. Suddenly, you find yourself staring at a very large paperweight that used to be your computer. While it may not be physically fried, your computer may become completely useless depending on what data or access points were maliciously encrypted. At this juncture in the process, cyber criminals will usually request payment for the decryption tool, and it is not cheap.
We understand that most SMBs (small and medium businesses) do not have the same amount of capital as recently hacked corporations like Colonial Pipeline and JBS Meats. That is why we stress the importance of being prepared. It is much more cost effective to stay up to date on cybersecurity than it is to pay off cybercriminals. Plus, it may mean the difference between staying afloat and losing your entire business.
CISA recommends…
As is with most malicious threats to your data, defense will continue to be your best offense. Being prepared is the number one thing you can do to mitigate negative outcomes of a ransomware attack or just simply prevent the attack from happening in the first place.
In their four-page document, CISA outlines five main components of preventing ransomware attacks:
- Maintain offline, encrypted back-ups and regularly test your back-ups
- Create, maintain and exercise a basic cyber incident response plan, resiliency plan, and communications plan.
- Mitigate internet-facing vulnerabilities and configurations.
- Reduce the risk of Phishing emails.
- Practice good cyber hygiene.
It is not by accident that backing up your data is at the top of the list! However, pay close attention to the word ‘offline’. By completely isolating your back-up data offline and away from your main system, you can be sure that no malicious actors can worm their way in during an attack. It is also important to remember that this is not a set it and forget it type of situation either. Regular check-ups and maintenance are required.
Who you gunna call? CISA, you’re going to call CISA…
Is your security in good shape? Even if you have the latest and greatest in protection for your technology environment, it is still heavily encouraged to have a cyber incidence response plan.
As listed above under the second bullet point, creating and maintaining a ‘basic cyber incident response plan’ means being prepared from the get-go. Having both you and your employees know exactly what do during an incident can make all the difference in a speedy recovery.
In all instances of a ransomware attack, it is paramount to let the proper authorities/organization know as soon as possible. Recently passed legislation requires breaches in certain industries and situations to be reported to CISA, the FBI, or Homeland Security immediately.
We understand there may be hesitation or even a feeling of embarrassment to have to reach out to these organizations for help. However, they are here to help us win the battle against cybercriminals. Plus, they have many more deployable tools and resources to aid in recovery.
CISA also provides a secondary website dedicated to ransomware. On this site you can find many resources including news, reporting tools, and basic information regarding ransomware and ransomware attacks.
What can Vodigy do to help?
Thankfully, this does not have to be as much of a headache as it sounds.
By partnering with Vodigy, you can rely on us to do the heavy lifting. We can provide you with the most reliable security options, data back-up, and help create cyber incident response plans tailored to your company.
Ready to get secure?
Unleash the Power of IT Today!
