After two recent ransomware cyber attacks disrupted businesses, factories, hospitals and schools in over 150 countries, there are many lessons to be learned. The WannaCry ransomware was developed to take control of system data. It encrypted files as soon as the virus became active and demanded a ransom to be paid via Bitcoin, a cryptocurrency which makes funds transfer anonymous. For those companies without proper backup solutions or business continuity planning, this was extremely costly and possibly detrimental to not only the companies, but the consumers being provided the products and or services by these businesses.
According to Andrew Douthwaite, of business.com, these types of cyber attacks will only grow in popularity, it’s unavoidable. Here are a number of key steps that business must take to protect themselves from having to deal with a prompt window demanding a ransomware payment, which rarely leads to successful recovery.
Discuss cyber security in the boardroom
Executives need to recognize that rogue events, such as ransomware infections, denial of service interruptions, and direct cyber attacks, affect a company’s bottom line. Technology allows businesses to operate at a fantastic speed, but many underestimate the amount of risk this carries. For companies that provide mission-critical services, this risk is tenfold. For them, downtime means hemorrhaging revenue and a sudden erosion of consumer trust. When ransomware is discussed at the highest level, only then can the right strategies be implemented successfully.
The executives and managers should also consider , hiring a professional IT Support company that can assist with the review, planning, and implementation of strategies based on business needs. These companies have real-world experience and knowledge that can be very beneficial to designing the right solution.
Humans are often the weakest link for cyber attacks
Even the best cyber security systems are vulnerable to an uneducated workforce. Businesses suffer when users perform simple mistakes like downloading infected email attachments, browsing infected sites, and using common and easy-to-guess passwords.
Cybersecurity practices don’t need to be complicated. Many managed service providers will provide a list of best practices that can be translated or directly taught to employees, safeguarding your company’s data and time. Also, email security platforms should thwart any malicious emails from reaching end users in the first place. Most decent managed service providers include many essential security services as part of their standard managed IT service plans.
Have your systems regularly evaluated
Many systems and processes will “feel” secure, even to educated analysts. Having a third-party perform an investigative review will highlight any blind spots. Existing legacy systems should be upgraded where possible. In the wake of WannaCry, this was one of the reasons that the U.K.’s National Health Service had to turn away non-emergency patients.
When legacy systems are a necessity, they should be protected with unprecedented security – robust firewalls, URL and IP filtering and strict user regulations. Outsourcing cyber security protection is a popular choice for good reason. In-house teams deserve an extra pair of eyes and professional tool sets.
Patch and patch again
Software updates have long been the bane of IT departments for good reason – updates break things. However, users who were running the latest versions of Microsoft Windows were almost invulnerable to the WannaCry virus. Having an upgrade and maintenance cycle that makes sense is vital, and unsupported operating systems should be avoided at all costs.
Instead of putting upgrades off, having a plan for implementing future patches will safeguard against most attacks. When large companies fall victim to cyber attacks due to outdated software, and this fact is publicized, public confidence waivers.
We are past the era of the “simple backup”
Not only do backups need to be performed regularly, they need to be secure and available. It’s important in the wake of an attack that businesses understand which data has been lost and which is recoverable. Having your security evaluated will point out which systems deserve most frequent backups and where optimizations can be made. With many off-the-shelf backup solutions or MSP versions of BDRs, the backups reside on a Windows computer and are connected via a network share. In the event of a ransomware, these shares also get encrypted, prohibiting access to perform a restoration. This is a serious problem and having a backup that is encrypted is like not having a backup at all.
For instance, the QWERTY Concepts latest backup and disaster recovery (BDR) solution is encrypted on a Linux file system that does not rely on a Windows share to perform backups, therefore protected from being encrypted. Selecting the right backup solution can be the difference between the “life and death” of a business.
Furthermore, continuity planning is just as important as backing up data. All systems can fail, even mission critical ones. What’s key is having a plan for getting things running again. Documentation is key. You don’t want to be scrambling for ideas when employees are stressed and in a rush to get everything back online. Following a system outage, an up-to-date playbook will lead you out of the dark.
Ransomware is here to stay
WannaCry and Petya signaled to hackers and state-sponsored groups that the business world remains highly vulnerable to cyber attacks. Luckily, there are many solutions companies can turn to. Security specialists worldwide are working together more than ever before. It’s easy to forget that you’re not alone in protecting yourself against cyber risks.
User computers and servers should be protected by multiple layers of security, ensuring that attackers and malicious software cannot move laterally. There will always be weak points. Being prepared, however, means never giving up looking for them.