Ransomware | Small Business Risk | Ohio CPA Firm | Rea CPA

Be Vigilant

Risk Factors:
• The average ransom amount in 2016 was $1,077, up from $294 in 2015.
• 463,000 ransomware detections were reported in 2016, an increase of 36 percent.
• The daily rate of antivirus detections for ransomware increased to more than 1,539 a day.
• Ransomware is usually sent to users in the form of spam emails that utilize a range of social engineering tactics to lure recipients into opening them and their attachments.

Cyberattacks on small businesses continue to increase, according to a 2017 internet security threat study conducted by Symantec, a global security and information management company. Additionally, ransomware now tops the list of most significant threats facing businesses, and there are emerging signs that attackers may be developing even more sophisticated attacks, such as targeted ransomware attacks on businesses involving the encryption of multiple machines. Needless to say, you can’t afford to let your guard down.

Fight Back

Not only are small businesses at an increased risk of being targeted by cybercriminals, but once attacked, their likelihood of survival decreases significantly. That doesn’t mean you shouldn’t fight. There are a variety of great resources out there to help protect your business from a cyberattack.

Notably, government officials recently compiled industry best practices and mitigation strategies focused on the prevention of and response to ransomware. In the U.S. government interagency report, How to Protect Your Networks from Ransomware, the following step-by-step tips are highlighted due to their effectiveness.

  1. Educate your staff. Your staff is your first line of defense. Therefore, the first step should always be to remind your employees to stay vigilant and to never click on unsolicited links or open unsolicited attachments in emails.
  2. Take preventative measures. There are quite a few tactics you should take to maintain a proactive stance throughout your organization. Here are a few measures we recommend to our clients:
    • Implement a cybersecurity awareness and training program.
    • Prevent phishing emails from reaching the end user by enabling strong spam filters.
    • Scan all incoming and outgoing email.
    • Configure firewalls to manage access.
    • Patch operating systems, software and firmware on all devices.
    • Set anti-virus and anti-malware programs to automatically conduct regular scans.
    • Manage the use of privileged accounts. No user should be assigned administrative access to a file, folder or server unless absolutely necessary.
    • Implement software restriction policies.
  3. Create a continuity plan. While an attack may be bad for business, the time it takes to recover can be absolutely devastating. Minimize your recovery time by implementing and managing a comprehensive business continuity plan. Your plan should include regularly backing up your data, conducting annual penetration tests and vulnerability assessments and properly securing your backups.

Shut It Down

If your business does fall victim to a cyberattack, the following steps will help minimize the damage and shorten recovery time.

  1. Contact your IT team and isolate the infected computer immediately by disconnecting the cable that attaches the workstation to the company network, or disconnect the VPN connection if one is being used.
  2. Secure backup data or systems by taking them offline.
  3. Contact law enforcement immediately, including a local field office of the FBI or U.S. Secret Service.
  4. Change security access and passwords, if possible.

Jess Howard Electric, a Rea client in Central Ohio, is proof that a small business can recover from a ransomware attack. By maintaining the proper safety protocols and adhering to strict policy and procedure, the company has successfully recovered from two attacks that could have crippled the business. Read their story here.

By Travis Strong, CISA (Wooster, OH)


This article originally appeared in the summer edition of The Rea Report.