Sales and Marketing - Jen Jordan

Sales and Marketing - Jen Jordan
Jen Jordan brings a wealth of life and leadership experiences to her writing. After 10 years creating a variety of content for a nonprofit, Jen decided to establish her own writing business. She specializes in creating high quality blog and website content for small businesses. When she's not writing, Jen is a competitive triathlete with a goal of completing a triathlon in all 50 states.

Ransomware: Simple Steps to Protect Your Small Business

Ransomware: Simple Steps to Protect Your Small Business

Your small business is at risk of a ransomware attack. Small businesses are the target of 85% of ransomware attacks and account for 70% of ransomware victims.

Ransomware is malicious software that locks access to your computer files, systems, and networks through file encryption. The criminals behind the attack hold your files, information, or network hostage, demanding you pay a ransom to regain access to your valuable data or systems.

1 in 5 businesses are brought to a standstill until the attack is resolved. The average period of a ransomware attack cycle is 300 days-almost an entire year. Ransomware victims must decide whether to pay the ransom, remain inactive, or lose the data or system access permanently.

The Cost of Ransomware Attacks

An average cyberattack costs about $200,000 and forces over half of small business victims to close within six months.

Ransomware attacks can also damage your business reputation for a long time. The risk of compromised credit card and bank information scares customers and can leave them feeling betrayed.

Disruptions to business operations not only cost your operation money now, but they can also lead to losing contracts and frequent customers. Additionally, it will take additional spending on marketing to recover a damaged reputation.

Prevention is Key

Almost one-third of small businesses lack a ransomware response plan or employee prevention training. Prevention is better than reactive damage control.

Common ransomware attacks often include:

  • Risky links and attachments. Attackers hide the malware in links or attachments embedded in emails that appear to come from trusted sources.
  • Phishing emails may look like they are from a bank, a company with an account, or an offer. They will request information from you and provide a link for information collection.
  • Remote Desktop Protocol (RDP) uses a specific port (3389) to run, and attackers scan for and find open 3389 ports. They can then steal login credentials, gain access, and launch ransomware.

Over half of the ransomware attacks come from emails. Ransomware has not become more sophisticated because the same methods used for years continue to be effective for attackers.

Simple Ransomware Prevention Steps:

  • Be sure to check email addresses carefully and look for misspellings and typos.
  • Avoid offers that seem too good to be true.
  • Do not click on suspicious or unsolicited attachments.
  • Never provide login information, passwords, or sensitive data.
  • Ensure that any RDP servers are up to date. Disable any bi-directional clipboard sharing.
  • Keep all your software up to date.
  • Audit your users and only grant them access to needed software and services.
  • Continued employee education is a key step in prevention. Make sure your employees understand the why and how behind preventing attacks.
  • Consider services that offer prevention and detection to discover and stop attacks before they occur.
  • Separate backup files from your main network and restrict access to sensitive parts of your network.
  • Use email filtering options to help weed out dangerous emails.

Prevention is the top priority because ransomware attacks are costly, damage business reputations, and interrupt revenue.

Stay educated on how attackers operate and share that information with your staff. Remind staff not to click on links in suspicious emails. Also, have staff report any emails they feel are not legitimate. Finally, consider security programs that will help you screen for and prevent attacks.

Resources:

https://www.darkreading.com/cyber-risk/protecting-a-small-business-from-ransomware-on-a-budget

https://www.law.umaryland.edu/content/articles/name-659577-en.html

https://www.cisa.gov/stopransomware/ransomware-guide

https://www.extnoc.com/blog/how-is-ransomware-delivered/

https://ransomware.org/blog/rdp-ransomware-everything-you-need-to-know/

https://www.uschamber.com/co/run/technology/small-businesses-ransomware#:~:text=However%2C%20ransomware%20attacks%20continue%20to,of%20ransomware%20attacks%20in%202021.