In July, one ransomware attack on a software company impacted as many as 1500 businesses. The company shut down the attack within an hour after it happened. If they hadn’t, the attack could have impacted tens of thousands of small businesses.
Ransomware attacks are on the rise and 71 percent of the victims are small businesses. Here’s what you need to know to protect your business.
What is a Ransomware Attack?
Ransomware attacks are a form of cyber extortion. Hackers hold your device and/or your data hostage and demand an exorbitant payment to release it back into your control. To gain this control, they use ransomware.
Ransomware is malware (a malicious software) that takes over your computer, your smartphone, your tablet, or other device. It activates in one of a few ways:
- Clicking a link in a phishing email.
- Downloading a file from an email.
- Having your device accessed through a Remote Desktop Protocol with the hacker trying user IDs and passwords until they find one that works.
- Using security holes in software to access your network.
Once they have access, one of two things happens:
- You’re completely locked out of the device or the network and can’t access anything on it with your login.
- The data on the device is encrypted and can only be accessed with a decryption key. The hackers claim they’ll give it to you upon payment, but this is often a lie.
They often want large sums of money and if you don’t pay up, they threaten to destroy your data or publicize it.
How to Prevent Ransomware Attacks
Small businesses are often the focus of ransomware attacks because they’re seen as easy pickings. You might think you’re too small to be of notice to a hacker, but you’re not. As a result, many companies don’t take proper precautions to prevent attacks. Hackers rely on small businesses not protecting themselves — that’s why they focus on you.
But if you do business online or collect sensitive information on customers, clients, or patients, you’re at serious risk. Here are a few things you and your employees can do to safeguard against a ransomware attack.
- Install and use antivirus software on every device. Scan devices regularly to look for malware and viruses.
- Make sure your network firewall is configured to guard against ransomware specifically — as well as other risks.
- Train your employees on proper data security protocols: don’t click links from an email you weren’t expecting and don’t download mystery files.
- Back up your company’s data regularly. If you are attacked, you’ll still have most of your data.
- Perform updates of operating systems and software as they’re released. There are often security patches in these updates to prevent these kinds of problems.
- Put a strong spam filter on company-wide email systems to prevent phishing emails from reaching anyone.
- Make sure your employees don’t have too many administrative privileges with their login. If an employee doesn’t need access to the entire system, don’t give it to them.
- Require two-factor authentication for logging in so getting around the system isn’t as easy as clicking “forgot password.”
- Purchase cyber liability insurance for your business.
How Cyber Liability Insurance Protects Your Business
You might think paying the ransom demanded by hackers will make the problem go away. In reality, they’ll likely take the money and refuse to grant access or they’ll demand more money. It might seem like that’s the only way to protect your small business, but it doesn’t work.
Instead, purchase a robust cyber liability insurance policy. It covers your business in multiple ways when you’re the victim of a ransomware attack.
- Helps notify all of your clients, customers, or patients that their data has been compromised
- Provides financial assistance to help pay for the years of credit monitoring you’ll need to do for affected customers, clients, or patients
- Provides assistance with investigating what happened, who did it, and how you were hacked
- Helps find and patch up security issues that allowed the attack to happen
- Pays for business interruption expenses and potential loss of income
Take the security measures you can to prevent a ransomware attack. Give yourself extra peace of mind that if it happens anyway, you’re fully covered with a solid cyber liability insurance policy.
Contact Charlotte Insurance today so we can discuss your options and provide a free estimate to help you protect your small business.