Ransomware has become a big news story. It trickled into the mainstream when ransomware attacks started targeting US infrastructure operations, first bringing down the Colonial Pipeline operation. If that was not enough, meat processor JBS was taken offline soon after, threatening Fourth of July weekend activities and summer grilling season. George Kurtz, CEO of CrowdStrike, “is seeing a ‘massive’ increase in ransomware attacks… and it’s only getting worse.” (Howley, D. Yahoo! Finance)
Ransomware is a subset of hacking, and just like any other hack or cyberattack, a business, regardless of size, must protect its digital infrastructure. Protecting the business’s infrastructure is a two-pronged approach. First, a business must ensure that it is running up-to-date systems. Especially important is making sure that the computers running Microsoft Windows are running the latest version of Windows, or at least a supported version of Windows. When we discuss a supported version of Windows, we mean a version that is still receiving the latest security updates. At the moment, Windows 10 is the only major Windows release that is receiving security updates. Windows 7 went end of life over a year ago. Sadly, we find businesses running Windows XP, which went end of life back in 2014! I know, it runs stably, so why mess with it?! If it’s on your network, it’s a vulnerability.
Small businesses are especially susceptible because they are slower to upgrade technology. Small Business Computing reported that, “small businesses also tend not to be as engaged with Microsoft as bigger companies. ‘Not everyone has the enterprise agreement.’” (Hernandez, P. Small Business Computing) This means that smaller businesses need to take this aspect of IT into their own hands. Make sure systems are running updated Windows operating systems, and ensure that trusted internet security software is running on all computers.
The second of the two-pronged attack is the Business Continuity Plan. This can take on many shapes, sizes and forms. The important thing is that the business has thought this through, and implemented robust measures to protect itself. This can include data syncing or off-system backups. The important thing is to ask and answer this question, “how will you get up and running again if your data is taken hostage?”
Ransomware shows no sign of slowing down. REvil, a Russian-speaking ransomware-as-a-service (RaaS) operation, just attacked more large US firms last week. At the same time, there are countless small businesses that have been affected by ransomware, and more that are susceptible. Size does not matter, your business is at risk. Ensure that your business reviews its systems and Business Continuity Plan to set your business on the path to continue serving customers.
How is your business protecting itself from ransomware attacks and other cybersecurity threats? Let us know in the comments below!
(Originally published on LinkedIn on July 20, 2021)
Thanks.
Very nice write-up. I definitely appreciate this site. Thanks!