Ransomeware - What to do

Ransomware – Locked out of your own sytems?

May 21, 2022

Ransomware – Imagine this – earlier in the day you were working fine. Now you cannot access the system (your own IT system with all your data). You receive a message – pay this amount of money and we will give you back access to your own data. What do I do? Should I pay?

Sadly – over the past 12 months we experienced an increase in Small to Medium Business (SMB) reaching out to us AFTER being impacted by cybercrime. Is it too late? Technically no, we can often provide valued help however the exercise is usually stressful, and the SMB typically ends up negatively impacted in some way.

So, what do you do if hit by a Ransomware attack? Your business is crippled, unable to access your own systems. The ransomware attack has taken you back to pen and paper. Let’s take a step back and remember what ransomware is. Ransomware is a form of malware that essentially locks all your devices and demands you pay a ‘ransom’, generally an amount in bitcoin, to unlock your devices and data. Probably one of the first and most often asked question from the impacted SMB owner, why don’t I simply pay the ransom to get everything working again?

Fair question. Unfortunately, it’s not that simple:

Sophos (leading cybersecurity Vendor) recently conducted a study around those who did pay up following a ransomware attack, with some surprising results.

%

Couldn’t decrypt 1/3 or more

%

Couldn’t decrypt 1/2 or more

%

Couldn’t decrypt anything

Not great odds to bet your business on!! What lessons can be learnt here? Disclaimer, not all attacks are made the same way. But here are some tips that (in our experience) can prevent ransomware attacks from having such an impact or any impact at all.

Multi-factor authentication (MFA)

Multi-factor authentication is more common than you realise. Those codes that your bank texts you when you want to make a payment? That’s MFA. When Apple texts you a code to make a change on your account? That’s MFA. Given these large businesses are doing their best to protect you, shouldn’t you be doing the same for your data, your company’s reputation? MFA means that when a user tries to login into a system from a different location or make some kind of system change, they need to prove that they are who they say they are. You can customise your MFA levels to your business and security requirements.

Data Collection and Privacy

With data collection, storage and privacy mandated by government laws, it’s always good to understand the data you’re collecting and storing and whether you need that data. Every industry has different regulations on how data is stored and for how long it needs to be stored. Most businesses don’t realise that if you are storing data on individuals, they have the right to request to see what you are keeping and that you delete this data. The onus is on you to provide this data and prove that it’s been deleted. If you’re securing highly sensitive data, it could be worth discussing with your IT provider whether encryption needs to be part of your technology strategy.

Email Protection

With email being such a standard communication, it makes sense to engage advanced email protection. Improves protection against phishing, business email compromise and zero-day attacks.

Backup and recovery

Even the best cybersecurity systems can be exposed. If someone tells you different – they are wrong. Its bit like saying the titanic couldn’t sink. Having a robust backup strategy and regularly testing that it works is critical to your business continuity plan. We’ve seen businesses caught out by not having tested their backups, only to discover that when they really do need to recover for the backup, it doesn’t work. As part of your business continuity plan, you should identify which systems are a priority in terms of recovery and how long you can’t survive without them. This will then define your recovery strategy.

Why are these important?

By having a good security posture, regular maintenance and audits, plus educating your users on the best cyber-security practice, you can mitigate your risks. By having a backup and recovery plan that is regularly tested, you know that your business can be back up and running as expected if the worst was to happen.

Case Studies

Case Study – Plan B Services

Case Study – Plan B Services

<< BACK TO CASE STUDIES CLIENT PROFILE   Company Plan B Services Industry Land Development Country Australia Employees 80 Website planbgroup.com.au Plan B Services turn to Tech Precision to support the Group Business Manager with the IT function for relocation...

Blaze Staffing Solutions

Blaze Staffing Solutions

<< BACK TO CASE STUDIESCLIENT PROFILE   Company Blaze Staffing Solutions Industry Multi Specialist Recruitment Country Australia Employees 10+ Website blazestaffing.com.au Blaze Staffing Solutions turn to Tech Precision to replace incumbent IT service...

Contact Tech Precision

Talk to an IT Solutions Expert

 

Need to talk to an IT Expert? Fill the the enquiry form and one of our experts will get in touch with you shortly. If you prefer to give us a call, we are ready to talk on:

 

1300 788 738

  

"*" indicates required fields

Name*
This field is for validation purposes and should be left unchanged.