Blog Series: The Business Risk of Ransomware
The recent “WannaCry” ransomware threat that affected companies across the globe and locally in Orlando, serves as a reminder and wakeup call for businesses of all sizes to the importance of data back up and securing their systems.
Simply put, ransomware is when a hacker holds a business’ data hostage until the company pays a specific amount of money to free up their data. Ransomware is not new. What made this attack different was it targeted a Microsoft vulnerability, and the amount of companies compromised worldwide, the ones who paid their ransom & those who never regained access to their data.
Ransomware attacks grew by more than 600 percent in 2016 than in 2015, and cost its victims more than $1 billion, according to a new report from PhishMe.
While “WannaCry” affected Microsoft specifically, there are two important points to make. First, is that there are ransomware viruses that attack cell phones and Macs. Second, is that Microsoft announced and made the unprecedented move of providing updates for supported & unsupported operating systems in March highlighting the severity of the threat; meaning those businesses affected did not run updates as a preventative measure or housed their data on an unsupported version of the operating system.
The effectiveness of the virus globally is a clear sign that businesses remain at risk to losing their data, which is the lifeblood of today’s businesses.
Entrepreneurs are natural risk takers, but generally they take very calculated risks or they insure themselves for those risks they can’t mitigate. Yet, when it comes to their data and IT, many continue to take unnecessary risks by not having data disaster recovery strategies in place.
We have all been there at one time or another when our offices lose power and we are paralyzed without access to our data until power is restored. Losing your data due to a cyber threat or hardware malfunction is like losing power in perpetuity if the data is unrecoverable.
For many small businesses, IT costs can factor into their decisions to put off an IT investment or to handle their needs in-house with an employee who has some proficiency in IT. Yet, the risk of becoming vulnerable to a cyber threat or even to a loss of data due to a server failure, far outweighs the cost of proactive and ongoing data protection and system updates. Servers and computers are machines destined to fail sooner or later, why a business owner would take the risk of losing its data and possibly its ability to conduct business is difficult to quantify.
Here are some tips for protecting your business from ransomware threats like “WannaCry”:
• Conduct a vulnerability assessment and ensure your business has ongoing data back up and data maintenance. Consult an IT expert for this, it’s not worth the risk to do on your own.
• Develop or update corporate policies and memos regarding phishing emails that could contain harmful links & report any unusual activity that may construed being compromised.
• Read the Official response from the Microsoft Security Response Center (MSRC) to inform, assist & provide guidance to customers regarding this active threat.
Use this global and highly publicized cyberattack as the perfect opportunity to develop or strengthen your data processes and disaster recovery strategies. Keep in mind that a business could already be under attack or already compromised by the time they realize they need to act. Thus, precaution and prevention is a smarter and less risky strategy.