How to stop ransomware holding your business hostage

In the new world of business, with the workforce increasingly widely dispersed, and cybercriminals running rampant, ready to walk roughshod over any company they can, are you concerned about the rise in ransomware attacks? No? Well, perhaps you should be. Unless you take strong precautions, your business could be wrecked. So, here we look at some savvy ways to stop your organisation from being held hostage by this growing cyber threat.

Although there are stacks of cyber nasties out there, just waiting to wreak havoc on unsuspecting organisations, perhaps one of the most worrying is ransomware – a type of malware that blocks access to the victim’s data, or threatens to publish it, unless a fee is paid. Recent news suggests that the number of such malevolent attacks is skyrocketing, causing great distress to businesses and lives alike.

Alarmingly, there were reportedly as many as 304 million ransomware attacks worldwide in 2020, which was an increase of 62% from a year before. In fact, not only does it seem that these attacks are becoming more frequent, but it appears that cybercriminals are getting increasingly greedy as well. Indeed, a 2021 report by Palo Alto Networks found that the average ransom paid by those on the receiving end of such extortion, in Europe, the US and Canada, nearly trebled from $115,123 in 2019 to $312,493 in 2020, and last year the highest ransomware demand was as much as $30 million!

So, rather than having sleepless nights, what can you do to fight back and protect your business? Well, the answer is plenty, but with these attacks stepping up a notch, you really do need to raise your game, so here are some top tips to help you stay ahead of the hackers and keep your company safe.

1. Use a time machine

Have you ever found yourself in the position of desperately wanting to turn back the clock in order to undo some PC-related catastrophe? Well, while losing a little work from forgetting to save a document, when your PC crashes, can be frustrating, if large swathes of company data disappears or is locked, it could feel like only a time machine can help. OK, so the prospect of actually using a real-life time machine to rewind the clock, if an attack occurs, may be remote (unless of course you have a DeLorian and flux capacitor to hand), with the right disaster recovery technology in place, you can effectively turn back time. So, the next best thing to your own personal time machine might just be Prodec Networks’ disaster recovery as a service (DRaaS). This bespoke solution, tailor-made to your particular needs, uses advanced journaling technology that helps you to roll back to just before an event occurred, so recovery point objectives (RPOs) of just seconds can be achieved, minimising any data loss, and getting you up and running again pronto.

2. Fight fire with fire

Although it is undoubtedly prudent to put the right precautions in place to save all your data, if the worst should happen, as the old adage goes, ‘prevention is better than cure’. So, a powerful way to protect against cyberattacks even occurring is to secure your network perimeters with a robust firewall. A firewall is essential to help stop any attacks in their tracks, as all network traffic passing through it is analysed and checked against complex parameters, to identify security risks which could bring your business to its knees. As organisations are facing increasingly sinister next-generation cyber threats, such as ransomware, this calls for the latest next-generation firewalls (NGFWs) to combat them, which could be seen as fighting fire with fire. Better still, to take all the worry out of securing your network borders, you could consider using a comprehensive firewall as a service (FWaaS) solution. Prodec’s FWaaS uses Fortinet’s Fortigate firewall security and unified threat management (UTM) technology, which provides multiple layers of protection in a single platform. This includes anti-spam, anti-virus, application control and web content filtering, giving you the peace of mind only strong cybersecurity can supply.

3. Get more click clever

Nevertheless, no matter how tough the technology is that you put in place to protect your organisation, no business, small or large, can ever be 100% safe from cyberattacks forever, as cybercriminals are constantly devising more devious ways to penetrate IT defences. There are currently a whole gaggle of grisly ransomware threats circulating to guard against, and while it pays to watch out for the latest attacks, new ones are popping up all the time. It is therefore also vital to ensure that your workforce is as ‘click clever’ as possible – fully informed about the dangers of clicking on the likes of unsolicited emails and dubious links. This can be achieved by providing IT security training for your employees, whereby they are educated on the risks to look out for, especially the perils that rogue emails can pose, as these remain a key route in for ransomware attacks. This is perhaps one of the most powerful ways to protect your business, creating a solid wall of defence in this cyber war of attrition.

4.Strengthen your weakest link

While educating your end-users will no doubt help to repel ransomware attacks, with home and hybrid working rapidly rising, it is also vital to ensure that your IT security extends to wherever your staff are based. To prevent remote working from becoming your weakest security link, it is essential to ensure that your people use mobile devices that are strongly protected with endpoint security. This can help stop threats dead before they become a problem. It is also important to make sure that remote connectivity to your business network is as secure as possible, which can further reduce the risk of cyber threats creeping in. This can be achieved by using a virtual private network (VPN), which encrypts communications, enabling confidential company data to be sent safely from one device to another, wherever the user is located. Alternatively, for a quick and easy solution for remote working, you could consider employing Prodec’s CloudShield – a straightforward device which plugs into the router, to provide a reliable overlay via which business resources can be securely delivered.

5. Clean up your act

Although it is crucial to put the right technology in place to protect your business from the risks of ransomware attacks, and other online security threats, it is also vital to clean up your act by improving your cyber hygiene game. No, this does not involve copious hand washing, but does require you to adhere to thorough, proactive procedures to prevent online threats from infecting your network. This should include such measures as ensuring strict password protocols are followed, whereby only complex, frequently updated passwords are used, making sure that all data is backed up to a secondary source, such as cloud storage, reviewing and updating all software regularly, and creating a cyber hygiene policy, detailing best practices for all your workers to follow. Finally, it is also wise to review your organisation’s cybersecurity as a whole, in light of the recent rising threat levels, to see where this can be strengthened. Don’t be caught out by complacency, as a 2021 IDG/Insight survey reported that almost 80% of senior IT and IT security leaders believe that their companies do not have sufficient protection against cyberattacks, and only 57% said they had carried out a data security risk assessment in 2020. Thankfully, this can be easily remedied by arranging a free network security review from Prodec, which not only highlights any weaknesses, but recommends ways to reinforce your defences.

So, for help with strengthening your protection against ransomware, and other online threats, or to discuss your specific cybersecurity needs, contact the experts at Prodec today.