Ransomware in 2021: A Big Threat for Small Business. Are You Protected?

Blog Header Image (14)

Jan 27, 2021

Did you know that, as a small business owner, your choice of technology solutions provider could be putting your small business operations at risk? Even during the pandemic, while business activity is down, ransomware remains a major threat. Carbon Black reported that this past March in 2020, “ransomware attacks increased 148% over baseline levels from February 2020.” It found correlations between the uptick and news on the pandemic, “suggesting attackers are being nefariously opportunistic and leverage breaking news to take advantage of vulnerable populations.”

Ransomware is malware that infects computers (and mobile devices) and restricts their access to files. The cybercriminals often threaten permanent data destruction unless a ransom is paid — and it has reached epidemic proportions globally and is now their go-to method of attack. According to Cybercrime Magazine, the latest prediction is that global ransomware damage costs will reach $20 billion by 2021 – which is 57 times more than it was in 2015. Cybersecurity Ventures predicts that there will be a ransomware attack on businesses every 11 seconds in 2021, making ransomware the fastest growing type of cybercrime.

The biggest mistake small business owners can make is assuming they’re too small or insignificant to be a target. The cybersecurity community perceives that small businesses are not as prepared to repel an attack as larger businesses, which makes these smaller organizations a prime target for hackers. In fact, in 2018, 71% of the organizations hit by ransomware attacks were considered small businesses.

If your small business has not already been the target of an attack, count yourself fortunate—but don't assume it couldn’t happen to you. Below are some tips to prepare and protect your business from ransomware threats.

1. Educate Your Employees

People play a significant role in getting attacked with ransomware. Email attachments are the number one risk for infection, drive-by downloads are number two, and malicious links in email are number three. Specify your cybersecurity rules and explain the social engineering techniques of ransomware attacks. Make sure to educate your employees on what phishing is and train them on best practices, like not to open suspicious files or anything sent from unfamiliar senders. Run frequent fire drills that simulate an attack and review the results regularly.

2. Conduct regular risk assessments and software updates

In many cases, hackers take advantage of outdated systems to infiltrate the network. Scan devices with antivirus software on a regular schedule. Keep your operating system’s security patches up to date. Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans so that your operating systems operate efficiently. Make use of third-party software aimed at addressing specific ransomware threats. 

3. Manage the use of privileged accounts

In an effort to limit your network’s exposure to malware, restrict users' ability to install and run software applications on network devices. Also, be sure to switch to two-factor authentication so a compromised password alone won’t give away your data.

4. Develop a robust backup and recovery strategy, and make regular backups

While installing top-notch protection is a great measure to take, you must prepare for the worst and have a recovery plan. Backups are essential for lessening the impact of potential malware threats. Store  your data in a separate device or offline in order to access it in the event of a ransomware attack. 

5. Find a trusted managed IT services provider

Even if you consider yourself tech-savvy, small business professionals can find their services falling victim to a talented hacker. It is critical to ensure that your managed IT services partners are taking active security measures such as real-time monitoring. Working with a provider that invests in cutting-edge security solutions can mean the difference between a quick and relatively painless return to business and a painful, costly data retrieval process that could have a negative impact on your business operations and productivity. Our managed IT experts at Milner are here to help keep your technology systems secure, current and reliable.

At Milner, we know how important it is for you to stay informed with the latest cybersecurity trends and ever-evolving threats from field experts, and to come away with best practices to help you keep your business and employees protected and productive. Join us at Milner Ignites on February 16th where you will have the unmatched opportunity to engage and connect with industry experts and leaders through the fully interactive virtual conference.