Tips to help prevent a ransomware attack
Ransomware attacks are on the increase. Between April 2022 and March 2023, the UK was a prime target for ransomware attacks and was the second most attacked country in the world, behind the USA. According to a report published 19th April 2023 by gov.uk, 32% of businesses and 24% of charities had breaches or attacks over the last 12 months.
Despite the prevalence of ransomware attacks, few small and medium-sized businesses realise they are just as much at risk as larger organisations, if not more so. According to leading software company Symantec, in 2022 alone, 61% of all cyberattacks were aimed at small businesses. So, what exactly is a ransomware attack and what can you do, as an SME, to protect yourself?
Ransomware
Ransomware is a type of malware designed to deny a user or organisation access to files on their computer and is favoured by many hackers as it is easy to deploy and offers good returns.
In a ransomware attack, your files are encrypted by the cybercriminal who demands a ransom payment to restore access, which is usually provided via a decryption or unlock key, once you’ve made payment. Usually, paying the ransom is the easiest and cheapest way to regain access to the files.
While payment usually releases your files, there are no guarantees your data will be unlocked, and there have been instances of victims being subject to a double or triple extortion attack, in which some of the data is leaked, increasing the pressure on you to pay more.
The fallout
Small businesses are particularly easy and desirable targets because they tend to hold a lot of easily accessible, confidential information, ranging from bank accounts to medical records, which the cybercriminal can either sell on or hold to ransom. The fallout can be devastating.
To start with, you will have to pay the cost of the ransomware demand, and if the breach compromises any confidentiality laws, you may also be subject to a fine. Depending on what data is seized, it could also affect your customers, damaging customer trust and further affecting your business. Then, of course, there is the time lost while you rectify the situation and the emotional toll it takes. It’s an intrusive, inconvenient, frightening experience and one to be avoided at all costs.
Protecting yourself
So, what can you do to protect yourself, your business and your customers from cybercriminals looking to seize your data? There are a number of actions you can take:
- Patch and update regularly
Keeping up to date with the latest software and security patches will help protect you against potential cyberattacks. So, regularly installing updates for your tablet, smartphone, laptop or PC is one of the most important steps you can take. To make life easy, set your operating system, software programmes, phones and apps to ‘automatically update’.
- Control use of USB sticks and external hard drives
Hybrid working is still popular, with employees working remotely for at least part of the week, which means it’s essential to ramp up security. If you’ve been transferring files via USB drive or external memory stick, you need to be aware it only takes one unsecured device to compromise your network and your business. To reduce the possibility of a breach, it’s essential to employ endpoint protection, blocking access to physical ports and only permitting the use of approved memory sticks or memory cards.
- Don’t back up to main server
You may think you’re protected because you’re backing up data to your main server. However, if all your data is saved on the same server, it could all become unavailable during an attack. It’s advisable to identify essential data that your business cannot manage without and save it on an isolated, off-site backup system. Then, in the event of an attack, your employees can still access key files and continue with day-to-day business activities.
Talk to TMD
Ransomware is a growing problem and it’s vitally important to act now, before you experience a breach. With cyberattacks affecting every sector and increasing in frequency and sophistication, you need to be vigilant and careful, and we would certainly advise following the steps above. In addition, it’s important to have protection in place in the form of cyber insurance. So, should the worst happen and you are attacked, you are covered against the financial and reputational fallout, and also have access to specialist assistance to help reinstate your lost data.
We have over 50 years’ experience advising companies on their insurance needs. We can arrange Cyber cover tailored to your specific requirements, ensuring you have the necessary protection in place. Don’t wait till it’s too late - act now, and ensure you are covered against cyberattack. To find out more, call us on 01992 703 000 or email insurance@mcdonaghs.co.uk
Sources
Malwarebytes.com: Ransomware in the UK, April 2022–March 2023
Gov.uk: Cyber security breaches survey 2023