Cybersecurity

Ransomware Risk: 2 Preventive Steps for Your Small Business

December 7, 2021

If recent headlines about ransomware attacks have you concerned, your instincts are right. The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued formal guidance on the rising ransomware threat to operational technology assets. The criminals behind these attacks exploit both technical vulnerabilities and human behavior. The Federal Trade Commission has outlined two steps every small business should take to strengthen its defenses on both fronts.

Step 1: Make Sure Your Technical Team Is Following Best Practices.

The most important technical safeguard is ensuring that your business-critical data is backed up offline, off-site, and encrypted. If attackers encrypt your systems, a clean and current backup is what allows you to recover without paying a ransom. Without it, your options are severely limited.
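The paragraph above gives the requirement (encrypted, kept off the network, and actually restorable) without showing what meeting it looks like in code. The following Go program is an added example, not code from the FTC, CISA or the author of this post: it packs a set of files into a tar archive, seals the archive with AES-256-GCM so a copy sitting on off-site media is both unreadable and tamper-evident, records a manifest of file hashes to be kept apart from the backup, and then performs a trial restore that fails if the backup cannot be decrypted, was altered, or no longer matches the manifest. The file contents, the key handling and the function names are all assumptions made for the example.

```go
package main

import (
	"archive/tar"
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"io"
)

// Manifest maps each archived file name to the SHA-256 of its contents; it is kept
// apart from the backup media so a restore can be checked against it.
type Manifest map[string]string

// Archive packs the files into an in-memory tar stream and fills the manifest.
func Archive(files map[string][]byte) ([]byte, Manifest, error) {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	m := Manifest{}
	for name, data := range files {
		m[name] = fmt.Sprintf("%x", sha256.Sum256(data))
		hdr := &tar.Header{Name: name, Mode: 0600, Size: int64(len(data))}
		if err := tw.WriteHeader(hdr); err != nil {
			return nil, nil, err
		}
		if _, err := tw.Write(data); err != nil {
			return nil, nil, err
		}
	}
	return buf.Bytes(), m, tw.Close()
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts the archive with AES-256-GCM and prefixes the random nonce; the
// authentication tag makes an altered copy fail to open at restore time.
func Seal(key, archive []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, archive, nil), nil
}

// Open reverses Seal; any change to nonce, ciphertext or tag is an error.
func Open(key, sealed []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	if n := gcm.NonceSize(); len(sealed) >= n {
		return gcm.Open(nil, sealed[:n], sealed[n:], nil)
	}
	return nil, fmt.Errorf("sealed backup too short")
}

// VerifyRestore is a trial restore in memory: decrypt, unpack, and check every
// file against the manifest, so an unrestorable or stale backup is found early.
func VerifyRestore(key, sealed []byte, m Manifest) error {
	archive, err := Open(key, sealed)
	if err != nil {
		return fmt.Errorf("decrypt: %w", err)
	}
	tr := tar.NewReader(bytes.NewReader(archive))
	seen := 0
	for hdr, err := tr.Next(); err != io.EOF; hdr, err = tr.Next() {
		if err != nil {
			return err
		}
		data, err := io.ReadAll(tr)
		if err != nil {
			return err
		}
		if want, ok := m[hdr.Name]; !ok || want != fmt.Sprintf("%x", sha256.Sum256(data)) {
			return fmt.Errorf("file %q does not match manifest", hdr.Name)
		}
		seen++
	}
	if seen != len(m) {
		return fmt.Errorf("archive holds %d files, manifest lists %d", seen, len(m))
	}
	return nil
}

func main() {
	key := make([]byte, 32) // assumption: in practice the key lives in a key store kept apart from the backup media
	rand.Read(key)
	// Constructed sample content standing in for business-critical files.
	archive, m, _ := Archive(map[string][]byte{"ledger.csv": []byte("constructed sample\n")})
	sealed, _ := Seal(key, archive)
	fmt.Println("trial restore error:", VerifyRestore(key, sealed, m)) // <nil> means the backup restores cleanly
}
```

The point of the trial restore is the part most small businesses skip: a backup that has never been restored is an assumption, not a control. Scheduling `VerifyRestore` (or its equivalent in whatever backup product you use) against the off-site copy turns "we have backups" into something you can show evidence for, and the separately stored manifest is what lets you notice a backup that is intact but stale.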

Beyond backups, your IT team should be deeply familiar with the latest guidance from CISA. This includes the CISA Ransomware Guide and the resources published through CISA's public-private partnerships. This is not optional background reading. Understanding current attack techniques, patching cadences, and detection methods is an ongoing responsibility for anyone managing your organization's technology. The threat evolves constantly, and your team's knowledge needs to keep pace.

Other technical controls worth prioritizing include network segmentation, endpoint detection and response tools, email filtering, and ensuring that administrative privileges are limited to only those who require them.

Step 2: Schedule a Security Refresher for Your Employees.

Ransomware is not solely an IT problem. In many attacks, the entry point is a single employee who clicks a malicious link or opens an infected attachment. A distracted team member can inadvertently hand attackers access to your entire network.

What makes this more difficult is that attackers have become significantly more sophisticated. Early phishing attempts were full of misspellings and obvious red flags. Today, criminals use publicly available information and stolen data to craft convincing, personalized messages that appear to come from known contacts or trusted organizations. An email, a text, or even a phone call can be the delivery mechanism.

Employee training is your best defense against this type of attack. Training should cover how to recognize phishing and social engineering attempts, how to verify suspicious requests through a trusted channel, and why clicking a link without thinking can have serious consequences.

In addition to awareness training, enforce rigorous authentication procedures. Require long, complex, unique passwords for all accounts and administrative functions. Educate employees on the risks of reusing passwords across platforms. And implement multi-factor authentication wherever it is supported. These measures significantly raise the cost of an attack even if credentials are ever exposed.

If you believe your business has been targeted by a ransomware attack, contact your local FBI field office immediately. Ransomware is a federal crime, and prompt reporting can assist in broader investigations.

Let Cyber One Solutions Help Protect Your Business.

Building strong defenses against ransomware takes both the right technology and the right training. Cyber One Solutions can help you assess your current posture and put both in place. Contact us today to schedule a consultation.