Ransomware attacks are still newsworthy events. Barely a day goes by in the cyber security world without hearing a story of a company, university or government agency that has been compromised by a ransomware attack. Did you know that according to an FBI study 34% of businesses that experienced a ransomware attack had to pay the ransom in order to recover their data? The high success rate of these criminal enterprises just perpetuates the bad behavior. The ransom money acquired is then partially invested into research and development to make more damaging and harder to detect ransomware. As a result, ransomware has evolved significantly over the years, have your defenses?
According to the FBI, the number one way in which ransomware is delivered to unsuspecting organizations if through phishing emails. It is becoming increasingly difficult to determine whether or not an email is legitimate or a scam. The FBI study also indicates that users are the weakest link in cyber security in most organizations. All the defenses in the world only protect your business so far if a user with access rights allows the bad guys in inadvertently. This is why cyber security training and phishing simulations are important components to any cyber security program.
In a worst-case scenario, backups may need to be relied upon to recover damaged data. According to the FBI, the #1 recommendation to protect against ransomware is to have reliable backups. What does that mean? Here are the points the FBI makes in regard to backups:
• Multi-factor authentication
The backup platform your business uses should only be accessible through an MFA-protected account.
• Network Access Controls
Network Access Controls means having a system in place to authorized which users and devices are on your network and detect unwanted users and devices.
• Role Based Access Controls
Not every user with access to the backups should have full permissions to perform any task, such as delete a backup set. Set permissions according to need.
• Immutable Backups
Backups should be unalterable.
• Elimination of Network Sharing Protocols
Backups should not be accessible through common network sharing protocols for security purpose.
• Integrated Backup Software and Hardware
There are synergies to having your backup hardware and software working together on the same platform.
• Air Gapped or Offline Copy
Backups should be kept offsite to ensure that a compromise of the business network does not affect the backup sets.
• Keep Multiple Copies
A ransomware infect may have occurred days or week prior to it being discovered. Having multiple restore points in key.
Ransomware is a threat to your business. That is the bottom line. Businesses need to be aware of the threat and taking active measures to protect your valuable data – before it is too late. Contact our security certified experts today at (888) 600-4560 or via email at info@coldencompany.com and see how Colden Company can keep your business safe.