We recently had a client who became the victim of a ransomware attack, specifically a Dharma variant called the .adobe variant. It attacked their file server and encrypted a portion of the files, which meant the company was unable to operate until it was resolved.
The hackers demanded $5,000 in ransom for the encryption key to unlock the data. That was a significant increase from one of our prior experiences with ransomware with a ransom request of $250. Thankfully, because our clients had the right plan in place for backup and recovery, we were able to resolve the situation quickly without paying the ransom. If you have the right backup systems in place, you can simply roll it back to before the ransomware infected the server.
The attack took place on a Sunday afternoon rather than mid-day of a workday, so their overall data loss was minimal. They did lose some productivity as we worked to get their systems fully functional again, but the downtime was pretty minimal overall because they were prepared for something like this to happen.
It wasn’t a sophisticated attack, but these attacks don’t have to be sophisticated to cause a lot of damage for businesses. Basically, hackers can buy an exploit kit with the code they need to launch the attack and then customize it a bit, or put their stamp on it, based on how they name the files.
When it comes to security breaches and cyber attacks, everyone is vulnerable. And I mean everyone. Yes, there are some things you can do to lessen the chances or lessen the impact, but no one is immune to cyber attacks regardless of what protocols they have in place. Many people don’t realize just how vulnerable they are.
At a recent conference we attended, one of the speakers asked anyone who had been impacted by a security breach or cyber attack to raise their hand. There were some people who didn’t raise their hands, and the speaker said that they’ve either been a victim and didn’t know it or would be before too long.
The sheer volume of attack attempts happening make it a numbers game so that it’s just a matter of time. The volume also makes it nearly impossible to stop. We can slow it down, but we can’t really stop it completely.
There are a couple of ways that small businesses are especially vulnerable, though the same issues can impact larger businesses as well. First, the use of single passwords to protect information. In lots of companies, there’s just one password standing between the hacker and the data they want to steal. Things like two-factor authentication can help, as can other methods for encryption keys and secure access.
The second vulnerability for a lot of businesses is the frequency of remote work. Anytime someone’s accessing your system from outside your system, there’s a risk there. Each time an employee logs in remotely, it’s creating another door into your system that hackers can try to break down. Most people view those actions as simple everyday activities they do in order to work, but it’s a risk to your company. I’m not saying don’t allow remote work, but rather be aware of the vulnerabilities it creates and have a plan to reduce that risk.
About 70% of all security issues come through email, so education can be key for your employees to understand the risks and to avoid clicking on any links without checking the sender and the link URL first. Online ads and websites are another potential point of access. When you go to a website, your computer starts downloading files associated with that website to your cache so you can view the site. If a virus sneaks through and your antivirus software doesn’t pick it up, that virus goes to work quickly.
Every company should have a plan in place to reduce their risk of cyber attacks and security breaches plus a recovery plan should one occur. The risk is simply too great to not have a plan in place before an issue arises.No tags for this post.