Shareholder

By Brad Atkin, CPA, CISA, CITP, SOC – Shareholder, IT Security and Advisory

How much is your sensitive data worth to you? This is what cyber criminals ask when they run a ransomware attack – taking over your computer and blocking access to your files until you pay a given sum.

Hackers typically carry out these attacks by sending a phishing email or finding a security hole to access the computer, then they encrypt the data. Soon after, you will receive a warning message that your files have been compromised and are now accessible only with a decryption key created by the hacker, which you will only receive upon payment. Of course, there are cases in which payment is sent and the hacker fails to follow up with his or her end of the deal. Sometimes they take a tiered approach, where you pay a price and only get a portion of the data back and they request more and more until you have gotten all your data back.

Is Your Business at Risk?

While small and mid-sized businesses may doubt they are on hackers’ radars, companies of this size are often primary targets for cybersecurity attacks. In fact – in the first nine months of 2018, Security Infowatch reported that 71 percent of the ransomware incidents they handled were for small or mid-sized companies. This is because they are less likely to have backed-up their data and do not have sophisticated security measures in place.

At-risk industries include consumer-focused, government agencies, medical facilities, law firms and other businesses that require fast access to their files and would be willing to hand over money to keep a reputation-damaging breach quiet. However, an incident could occur to companies of all sizes and in all industries.

Should your company be hit with a ransomware attack, most experts – including the FBI – recommend you do not pay the ransom. Complying with an attacker’s demands only encourages them to continue running this type of scam. Instead, seek the help of a security or IT specialist to determine what type of ransomware you are dealing with and what your options are for decrypting your data and rebooting your system.

Preventing a Ransomware Attack

Unfortunately, there isn’t a guaranteed way to block hackers from taking over your data. However, there are several precautions that can mitigate the risk.

Back-up your files. If your company becomes the victim of a ransomware attack, you will minimize your losses if most files are backed up to a separate and secure location – preferably offline. Many companies store sensitive data on external hard drives.

Test employees with fake emails. Because phishing emails are one of the primary avenues for running a ransomware attack, it may be beneficial to know which of your employees are susceptible to this type of scam. You will be able to see which of your colleagues clicked on a provided link or downloaded a suspicious file and supply these employees with additional training.

Keep your operating system up-to-date. Criminals are constantly coming up with new ways to exploit your system, and software updates attempt to keep up with these new threats. Install updates as soon as they become available.

Invest in a cybersecurity system. If you don’t already have a detection system in place, invest in a cybersecurity provider that will alert you to any signs of suspicious activity. They should also perform a threat analysis to determine vulnerabilities in your structure.

Are you protecting your data against cyberattacks like ransomware? Contact the cybersecurity advisors at Doeren Mayhew and ask about CYBERCLAW™ – a suite of IT solutions to safeguard your data and minimize your cybersecurity risk profile.