Ransomware Attacks are on the Rise

Greg Fyn
Greg Fyn
June 9, 2021

As a business owner, it’s easy to let the news of an increase in ransomware attacks overwhelm us.

Companies big and small are getting bilked out of millions of dollars every day. The good news is that most of the threats are preventable. However, it takes a bit of planning, investment, and old-fashioned elbow grease to put protections in place.

We’ll go over some of the technical measures you should have in place later in this article, but first, we’re going to talk about your weakest link. More often than not, the weakest link in our security is people, our employees, and us. Therefore, as it relates to the ability of your people to recognize threats, education is the most crucial aspect of your defense. 

Most of the entry points for ransomware are suspicious e-mails, links to infected websites, or attachments. To combat the problem, We recommend cybersecurity awareness programs that are, by company policy, a job requirement of workers with computer access. This knowledge will give your users the ability to prevent breaches.

We recognize that humans make mistakes and have weak moments, particularly when in a rush to get something done or fatigued. So the use of security tools that use artificial intelligence to remove suspicious e-mails or alert your users that something isn’t quite right with the e-mail they received is strongly suggested.

Passwords are also one of the most significant problems end-users face.

You can ask the folks at the Colonial Pipeline about this.

Weak passwords, reused passwords, and shared passwords are the delight of any hacker. Other than that, a huge threat is the stick note taped to your monitor or the black book of passwords that might be in your upper right-hand drawer. Passwords comprised of a minimum of 10 characters with upper and lower case letters, numbers, and symbols would take (at the time of this writing) 928 years to crack. Remembering passwords is hard for some people. For these people, a password manager such as Passportal or LastPass is a great solution. Services that alert IT, managers, about any compromised passwords on the dark web and are for sale will prove themselves useful.

Other tools you should be using in your network are relatively obvious to most modern users. Managed antivirus/antispam, restricted Internet access through web technologies, having a policy of giving users only privileges to access company resources related to their job are a bare minimum requirement. In addition, a commercial quality firewall must be in place for all modern businesses.

Finally, backup is critical.

Routinely tested system backups are vital in ensuring that data is recoverable. Be sure that the solution you use has protections in place, so they don’t get corrupted. Consider how quickly you can get back to work after all of your files get encrypted because time is money.

If you’re not sure if you have all of these “boxes checked” or know exactly how to approach a security plan and are worried about being a victim of a hacker, please schedule an assessment.
Greg Fyn
With decades of experience, Greg leads the company and it's operations to provide the best experience to Honorbound IT's customers and employees.