By Madhu Maganti, CPA, CISA – Director of IT Assurance and Security Group, Doeren Mayhew

Q. I’ve heard ransomware is one of the biggest cybersecurity threats an SMB faces. How can I protect my organization against it?

Ransomware is a form of malicious software that can threaten your computer, usually by denying access to your data once it has taken over the machine. The attacker demands a ransom from the victim, promising to restore access to the data upon payment. The ransom can range from a few hundred dollars to thousands.

One of the most common delivery systems is phishing spam: attachments received via email that masquerade as a trusted file. Once the file is downloaded and opened, the ransomware infects the victim’s computer, especially if it has built-in social engineering tools that trick users into allowing administrative access. Other, more aggressive forms of ransomware, like NotPetya, exploit security holes to infect computers without needing to trick users.

Ways to help prevent ransomware infections include:

  • Keeping your operating system patched and up-to-date to limit vulnerabilities.
  • Not installing software or giving it administrative privileges unless you know exactly what it is and what it does.
  • Installing antivirus software to detect malicious programs as they arrive. Whitelisting software also helps prevent unauthorized applications from entering your computer.
  • Backing up your files frequently and automatically! This won’t prevent a malware attack, but can make the damage caused by one less significant.

These steps should be maintained as general security best practices, and they also improve your defenses against all sorts of attacks.

For more information on how to mitigate cybersecurity threats or assistance with implementing a plan, contact our IT Assurance and Cybersecurity Group today. The author can also be reached directly at