“SMBs have relatively weak defences, making them an easy target for attackers because they often lack up-to-date cybersecurity. While major financial hits are harmful to any organisation, they could sound the death knell for many SMBs. Addressing this gap now will radically increase their ability to stay protected in the future.” Alan Hawkins, General manager, cyber security and software, Tarsus Distribution
Small and medium businesses (SMBs) are becoming increasingly vulnerable to ransomware, despite CEOs’ perception that their businesses are too small to warrant attack.
The pandemic has led to a dramatic increase in ransomware attacks because working from home has given hackers new avenues for attacks; in addition, data-stealing ransomware has become craftier, more targeted and difficulty to evade.
It’s no longer if a business will be targeted, but when, and even more critically, what measures are in place to restore its systems fast. We are aware that close to 40% of SMBs in South Africa have been affected by ransomware over the last year and it continues to be a major threat to businesses in all sectors. This is line with international research which shows that SMBs are no longer able to remain under the radar.
SMBs have relatively weak defences, making them an easy target for attackers because they often lack up-to-date cybersecurity. While major financial hits are harmful to any organisation, they could sound the death knell for many SMBs. Addressing this gap now will radically increase their ability to stay protected in the future.
Start by assuming the worst
The first step to protecting a business is to assume that the IT system has been breached, that passwords have been compromised and that there is a good chance that malware has infiltrated the IT infrastructure. With that awareness established, it’s important to run network security checks regularly to ensure that the cybersecurity solutions in place are working correctly. Network traffic analysis allows a business to track and receive alerts on unusual traffic and potential.
The pen test
A penetration test, also known as a pen test, is a simulated cyberattack that checks for exploitable vulnerabilities and is a valuable exercise, particularly at a time when so many employees are working remotely. A pen test gathers information about the organisation and its systems; scans systems, networks, and websites for vulnerabilities, and exploits these to gain access; generates reports on the simulated breaches; and provides information on how to increase security based on the reports.
Maintain IT hygiene
Ensuring passwords are strong and changed regularly will help reduce the risk of a breach. Businesses also need to review access rights to networks, files, and file shares to prevent adversaries from gaining access to sensitive data. When people move to another department or resign from the business, it is important to revoke their access rights. Any unnecessary privileges can prove costly in the event of a cyberattack.
Perform regular data backups
Modern backup solutions are designed to make incremental copies of data throughout the day to minimise data loss. A sound, automatic backup strategy ensures that organisations have copies of all documents, media, and important files right up to the time of the ransomware attack. With protection measures like data backup and disaster recovery in place, businesses should never have to worry about paying ransomware.
There is no single product or software that will solve all cybersecurity problems. In today’s threat environment, it takes many technologies to provide comprehensive risk management and protection against attacks. These include antivirus solutions that protect company networks and individual devices.
Firewalls are the first line of defence against external threats, monitoring traffic and restricting employees from accessing dodgy websites. With VPN capabilities, they also provide for added cybersecurity for remote workers.
Automated patch management streamlines patch monitoring and implementation across the business, ensuing that software vulnerabilities cannot be exploited. Weak and stolen passwords are at the heart of the rise ransomware attacks. Companywide password management solutions mitigate this risk.
Cybersecurity experts have warned businesses against meeting hackers’ demands for money in the wake of ransomware attacks on hundreds of thousands of computer systems around the world. Many organisations that have paid a ransom did not recover their data. The perpetrators of these attacks are criminals and aside from it being a bad idea to pay offenders, there is no guarantee that they will return quality data to their victims.
The best protection is a focus on early detection and prevention strategies to end ransomware attacks at the initial stages before critical systems and data are put in jeopardy.